@atoms-tech/atoms-mcp 0.12.14 → 0.12.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/index.cjs +1 -1
  2. package/dist/index.js +1 -1
  3. package/package.json +1 -1
package/dist/index.cjs CHANGED
@@ -1,2 +1,2 @@
1
1
  #!/usr/bin/env node
2
- var e=require("fs/promises"),t=require("os"),r=require("path"),i=require("@supabase/supabase-js"),n=require("http"),a=require("crypto"),s=require("url"),o=require("@modelcontextprotocol/ext-apps/server"),d=require("@modelcontextprotocol/sdk/server/mcp.js"),c=require("zod"),l=require("module"),m=require("@modelcontextprotocol/sdk/server/stdio.js"),p="undefined"!=typeof document?document.currentScript:null;function u(e){return e&&e.__esModule?e:{default:e}}var _,f,h,g,y,b,w,v=u(e),j=u(r),x=u(a),S=Object.defineProperty,k=Object.getOwnPropertyNames,I=(e,t)=>function(){return e&&(t=(0,e[k(e)[0]])(e=0)),t},E=(e,t)=>{for(var r in t)S(e,r,{get:t[r],enumerable:!0})};function O(e){return w.get(e)}var T=I({"src/core/tool-catalog.ts"(){_=new Set(["atoms_status","atoms_list_projects"]),f=new Set(["atoms_create_item","atoms_update_item","atoms_delete_item","atoms_restore_item","atoms_link_items","atoms_bulk_import","atoms_record_test_result","atoms_record_test_results","atoms_create_variable","atoms_update_variable","atoms_delete_variable","atoms_create_domain","atoms_update_domain","atoms_delete_domain","atoms_create_baseline","atoms_lock_baseline","atoms_restore_baseline"]),h=new Set(["atoms_delete_item","atoms_delete_variable","atoms_delete_domain","atoms_restore_baseline"]),g=new Set(["atoms_bulk_import"]),y={items:["atoms_list_items","atoms_get_item","atoms_search","atoms_semantic_search","atoms_browse","atoms_get_history","atoms_create_item","atoms_update_item","atoms_delete_item","atoms_restore_item","atoms_bulk_import"],traceability:["atoms_trace","atoms_link_items","atoms_export_mermaid","atoms_impact_analysis"],coverage:["atoms_get_coverage","atoms_record_test_result","atoms_record_test_results","atoms_project_summary","atoms_list_assets"],variables:["atoms_list_variables","atoms_get_variable","atoms_create_variable","atoms_update_variable","atoms_delete_variable"],domains:["atoms_list_domains","atoms_create_domain","atoms_update_domain","atoms_delete_domain"],baselines:["atoms_list_baselines","atoms_create_baseline","atoms_lock_baseline","atoms_diff_baselines","atoms_restore_baseline"]},b=Object.keys(y),w=new Map;for(const[e,t]of Object.entries(y))for(const r of t)w.set(r,e)}});function U(e,t){if(_.has(t))return{allowed:!0};if(e.lockdown&&!new Set(["atoms_list_items","atoms_get_item","atoms_search","atoms_browse"]).has(t))return{allowed:!1,reason:"lockdown"};if(e.forbidden_tools.includes(t))return{allowed:!1,reason:"forbidden_tool"};if(e.read_only&&f.has(t))return{allowed:!1,reason:"read_only"};if(e.block_destructive&&h.has(t))return{allowed:!1,reason:"block_destructive"};if(e.block_bulk_import&&g.has(t))return{allowed:!1,reason:"block_bulk_import"};const r=O(t);return void 0===r||e.allowed_toolsets.includes(r)?{allowed:!0}:{allowed:!1,reason:"toolset_disabled"}}function A(e,t){return U(e,t).allowed}function z(e){switch(e){case"lockdown":return"MCP is in lockdown mode for your role — only read-only browse is available.";case"read_only":return"Your org policy puts MCP in read-only mode. Mutating tools are not exposed.";case"block_destructive":return"Your org policy blocks destructive operations (delete tools).";case"block_bulk_import":return"Your org policy blocks bulk import.";case"forbidden_tool":return"This tool is on your org's forbidden list.";case"toolset_disabled":return"This tool's toolset is not enabled in your org policy."}}var H,D,R,C=I({"src/core/policy.ts"(){T()}}),P=I({"src/core/types.ts"(){H={read_only:!1,lockdown:!1,block_destructive:!1,block_bulk_import:!1,cross_project_browse:!0,allowed_toolsets:["items","traceability","coverage","variables","domains","baselines"],forbidden_tools:[],project_scope:null,require_confirmation_for:[]}}});function M(){return D}var q=I({"src/middleware/session-policy.ts"(){P(),D=H,R=null}});function $(){const e=process.env.ATOMS_MCP_TOOLSETS?.trim();if(!e)return null;const t=e.split(",").map(e=>e.trim()).filter(Boolean);if(0===t.length)return null;const r=new Set,i=[];for(const e of t)b.includes(e)?r.add(e):i.push(e);return{allowed:r,unknown:i}}function N(){const e=process.env.ATOMS_MCP_READ_ONLY;return"1"===e||"true"===e?.toLowerCase()}function L(e){if(N()&&f.has(e))return!1;if(_.has(e))return!0;const t=$();if(null===t)return A(M(),e);const r=O(e);return!!r&&!!t.allowed.has(r)&&A(M(),e)}var W,V,F=I({"src/middleware/tool-registry.ts"(){T(),C(),q()}}),B={};async function J(){try{const t=await e.readFile(V,"utf-8"),r=JSON.parse(t);return r.access_token&&r.refresh_token?r:null}catch{return null}}async function Q(t){await e.mkdir(W,{recursive:!0,mode:448}),await e.writeFile(V,JSON.stringify(t,null,2),{mode:384})}async function G(){const e=await J();return!!e&&e.expires_at>Date.now()+6e4}function Y(e){return e.expires_at>Date.now()+6e4}async function K(){try{await e.unlink(V)}catch{}}function Z(){return V}E(B,{clearCredentials:()=>K,getCredentialsPath:()=>Z,hasValidCredentials:()=>G,isTokenValid:()=>Y,readCredentials:()=>J,writeCredentials:()=>Q});var X,ee,te,re=I({"src/auth/token-store.ts"(){W=r.join(t.homedir(),".atoms"),V=r.join(W,"credentials.json")}}),ie={};E(ie,{ATOMS_APP_URL:()=>te,ATOMS_SUPABASE_ANON_KEY:()=>ee,ATOMS_SUPABASE_URL:()=>X});var ne=I({"src/config.ts"(){X="https://gmebjyhomsbvhrxffzre.supabase.co",ee="sb_publishable_b49MUAB8XCrQiF7x5b9lUA_w1aplSBH",te=process.env.ATOMS_APP_URL??"https://atoms.tech"}}),ae={};async function se(){const e=process.env.ATOMS_ACCESS_TOKEN;if(e){const t=oe(e);return{access_token:e,refresh_token:"",user_id:t.sub,email:t.email??""}}const t=await J();if(!t)throw new Error("Not authenticated. Run 'npx @atoms-tech/atoms-mcp login' to connect your ATOMS account.");if(t.expires_at>Date.now()+6e4){const e=oe(t.access_token);return{access_token:t.access_token,refresh_token:t.refresh_token,user_id:e.sub,email:e.email??t.user_email??""}}process.stderr.write("[atoms-mcp] Refreshing access token...\n");const r=i.createClient(X,ee),{data:n,error:a}=await r.auth.refreshSession({refresh_token:t.refresh_token});if(a||!n.session)throw new Error(`Token refresh failed: ${a?.message??"No session returned"}. Re-run 'npx @atoms-tech/atoms-mcp login'.`);const s=n.session;return await Q({access_token:s.access_token,refresh_token:s.refresh_token,expires_at:Date.now()+1e3*(s.expires_in??3600),user_email:s.user?.email}),{access_token:s.access_token,refresh_token:s.refresh_token,user_id:s.user?.id??"",email:s.user?.email??""}}function oe(e){const t=e.split(".");if(3!==t.length)throw new Error("Invalid JWT format");const r=t[1].replace(/-/g,"+").replace(/_/g,"/").padEnd(t[1].length+(4-t[1].length%4)%4,"="),i=JSON.parse(Buffer.from(r,"base64").toString("utf-8"));if(!i.sub)throw new Error("JWT missing 'sub' claim");return i}E(ae,{getValidToken:()=>se});var de,ce,le,me,pe,ue=I({"src/auth/refresh.ts"(){re(),ne()}}),_e={};async function fe(){if(de)try{const e=await J();e&&e.expires_at>pe&&(process.stderr.write("[atoms-mcp] Credentials file refreshed elsewhere — rebuilding client.\n"),he())}catch{}if(de&&me>Date.now()+6e4)return de;de&&process.stderr.write("[atoms-mcp] Token expiring, refreshing client...\n");const{access_token:e,user_id:t,email:r}=await se(),n=e.split(".");if(3===n.length)try{const e=JSON.parse(Buffer.from(n[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString());me=1e3*(e.exp??0)}catch{me=Date.now()+36e5}try{const e=await J();pe=e?.expires_at??0}catch{pe=0}const a=i.createClient(X,ee,{global:{headers:{Authorization:`Bearer ${e}`}}});return ce=t,le=r,de=a}function he(){de=null,ce=null,le=null,me=0,pe=0}function ge(e){let t="";if(e instanceof Error)t=e.message;else if(e&&"object"==typeof e){const r=e;t="string"==typeof r.message?r.message:"string"==typeof r.code?r.code:String(e)}else null!=e&&(t=String(e));return/jwt\s*expired|invalid.?jwt|token.*(?:has\s+)?expired|jwt.*invalid|pgrst301/i.test(t)}async function ye(e){try{return await e()}catch(t){if(!ge(t))throw t;return process.stderr.write("[atoms-mcp] Data tier rejected JWT — invalidating client and retrying once.\n"),he(),await e()}}function be(){if(!ce)throw new Error("Not authenticated. Call getClient() first.");return ce}function we(){return le??""}async function ve(e,t){const r=be(),{data:i,error:n}=await e.from("projects").select("org_id").eq("id",t).maybeSingle();if(n||!i)throw new Error(`Project '${t}' not found`);const{data:a,error:s}=await e.from("org_members").select("role").eq("user_id",r).eq("org_id",i.org_id).maybeSingle();if(s||!a){const{data:t}=await e.rpc("is_platform_admin");if(!0===t)return"admin";throw new Error("Not a member of this project's organization")}if("viewer"===a.role)throw new Error("VIEWER_ROLE");return a.role}E(_e,{getClient:()=>fe,getUserEmail:()=>we,getUserId:()=>be,invalidateClient:()=>he,isJwtExpiredError:()=>ge,requireWriteAccess:()=>ve,withJwtRetry:()=>ye});var je,xe,Se=I({"src/db/client.ts"(){ue(),re(),ne(),de=null,ce=null,le=null,me=0,pe=0}}),ke={};async function Ie(){const e=a.randomBytes(32).toString("base64url"),t=a.createHash("sha256").update(e).digest("base64url"),r=`http://localhost:${je}${xe}`,i=new s.URL(`${te}/auth/mcp-consent`);return i.searchParams.set("redirect_uri",r),i.searchParams.set("code_challenge",t),i.searchParams.set("code_challenge_method","S256"),new Promise((t,r)=>{let a;function o(){clearTimeout(a)}const d=n.createServer(async(i,n)=>{const a=new s.URL(i.url??"/",`http://localhost:${je}`);if(a.pathname!==xe)return n.writeHead(404),void n.end("Not found");try{if("access_denied"===a.searchParams.get("error"))return n.writeHead(200,{"Content-Type":"text/html"}),n.end(Oe("Authorization was cancelled.")),o(),d.close(),void r(new Error("Authorization cancelled by user."));const i=a.searchParams.get("code");if(i){const a=await fetch(`${X}/auth/v1/token?grant_type=pkce`,{method:"POST",headers:{"Content-Type":"application/json",apikey:ee},body:JSON.stringify({auth_code:i,code_verifier:e})}),s=await a.json();if(!a.ok||!s.access_token){const e=s.error_description??s.msg??"Unknown error";return n.writeHead(200,{"Content-Type":"text/html"}),n.end(Oe(`Code exchange failed: ${e}`)),o(),d.close(),void r(new Error(`Code exchange failed: ${e}`))}let c="authenticated";try{c=JSON.parse(Buffer.from(s.access_token.split(".")[1],"base64").toString()).email??c}catch{}const{createClient:l}=await import("@supabase/supabase-js"),m=l(X,ee,{global:{headers:{Authorization:`Bearer ${s.access_token}`}}}),{data:p,error:u}=await m.from("org_members").select("org_id").limit(1);return u||!p||0===p.length?(n.writeHead(200,{"Content-Type":"text/html"}),n.end(Oe('No ATOMS account found for this Google account.<br><br>Please sign up at <a href="https://atoms.tech">atoms.tech</a> first, then run this login command again.')),o(),d.close(),void r(new Error("No ATOMS account found. Sign up at atoms.tech first."))):(await Q({access_token:s.access_token,refresh_token:s.refresh_token,expires_at:Date.now()+1e3*(s.expires_in??3600),user_email:c}),n.writeHead(200,{"Content-Type":"text/html"}),n.end(Ee(c)),o(),d.close(),void t({email:c}))}const s=a.searchParams.get("access_token"),c=a.searchParams.get("refresh_token"),l=parseInt(a.searchParams.get("expires_in")??"3600",10);s&&c?(await Q({access_token:s,refresh_token:c,expires_at:Date.now()+1e3*l}),n.writeHead(200,{"Content-Type":"text/html"}),n.end(Ee("authenticated")),o(),d.close(),t({email:"authenticated"})):(n.writeHead(200,{"Content-Type":"text/html"}),n.end("<!DOCTYPE html>\n<html>\n<head><title>ATOMS MCP Login</title></head>\n<body>\n <h1>Completing login...</h1>\n <script>\n const hash = window.location.hash.substring(1);\n const params = new URLSearchParams(hash);\n const data = {\n access_token: params.get('access_token'),\n refresh_token: params.get('refresh_token'),\n expires_in: params.get('expires_in'),\n user_email: ''\n };\n if (data.access_token) {\n // Decode JWT to get email\n try {\n const payload = JSON.parse(atob(data.access_token.split('.')[1]));\n data.user_email = payload.email || '';\n } catch(e) {}\n fetch('/token', {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify(data)\n }).then(() => {\n document.body.innerHTML = '<h1>Login successful! You can close this tab.</h1>';\n }).catch(() => {\n document.body.innerHTML = '<h1>Login failed. Please try again.</h1>';\n });\n } else {\n document.body.innerHTML = '<h1>Login failed — no tokens received.</h1>';\n }\n <\/script>\n</body>\n</html>"))}catch(e){n.writeHead(500),n.end("Authentication failed"),o(),d.close(),r(e)}});d.on("request",async(e,i)=>{if("POST"===e.method&&"/token"===e.url){let n="";e.on("data",e=>{n+=e.toString()}),e.on("end",async()=>{try{const e=JSON.parse(n);await Q({access_token:e.access_token,refresh_token:e.refresh_token,expires_at:Date.now()+1e3*(e.expires_in??3600),user_email:e.user_email}),i.writeHead(200,{"Content-Type":"application/json"}),i.end(JSON.stringify({ok:!0})),o(),d.close(),t({email:e.user_email??"authenticated"})}catch(e){i.writeHead(500),i.end("Failed to store credentials"),o(),d.close(),r(e)}})}}),d.listen(je,"127.0.0.1",async()=>{process.stderr.write("\nOpening browser for ATOMS login...\n"),process.stderr.write(`If the browser doesn't open, visit:\n${i.toString()}\n\n`);try{const{default:e}=await import("open");await e(i.toString())}catch{process.stderr.write("Could not open browser automatically. Please open the URL above.\n")}}),a=setTimeout(()=>{d.close(),r(new Error("Login timed out after 60 seconds. Run 'npx @atoms-tech/atoms-mcp login' to try again."))},6e4)})}function Ee(e){return`<!DOCTYPE html>\n<html>\n<head>\n <title>ATOMS MCP — Authorized</title>\n <style>\n * { margin: 0; padding: 0; box-sizing: border-box; }\n body {\n font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', system-ui, sans-serif;\n background: #0a0a0a;\n color: #fafafa;\n display: flex;\n align-items: center;\n justify-content: center;\n min-height: 100vh;\n }\n .card {\n background: #171717;\n border: 1px solid #262626;\n border-radius: 16px;\n padding: 48px;\n max-width: 480px;\n width: 100%;\n text-align: center;\n }\n .icon {\n width: 56px;\n height: 56px;\n background: #052e16;\n border-radius: 50%;\n display: flex;\n align-items: center;\n justify-content: center;\n margin: 0 auto 24px;\n }\n .icon svg { width: 28px; height: 28px; }\n h1 {\n font-size: 22px;\n font-weight: 600;\n margin-bottom: 8px;\n color: #22c55e;\n }\n .email {\n font-size: 14px;\n color: #a3a3a3;\n margin-bottom: 32px;\n }\n .permissions {\n text-align: left;\n background: #0a0a0a;\n border: 1px solid #262626;\n border-radius: 12px;\n padding: 20px;\n margin-bottom: 24px;\n }\n .permissions h3 {\n font-size: 12px;\n font-weight: 600;\n color: #737373;\n text-transform: uppercase;\n letter-spacing: 0.05em;\n margin-bottom: 12px;\n }\n .perm-item {\n display: flex;\n align-items: center;\n gap: 10px;\n padding: 6px 0;\n font-size: 14px;\n color: #d4d4d4;\n }\n .perm-item .dot {\n width: 6px;\n height: 6px;\n background: #22c55e;\n border-radius: 50%;\n flex-shrink: 0;\n }\n .closing {\n font-size: 13px;\n color: #525252;\n }\n .closing span { color: #a3a3a3; font-variant-numeric: tabular-nums; }\n </style>\n</head>\n<body>\n <div class="card">\n <div class="icon">\n <svg fill="none" viewBox="0 0 24 24" stroke="#22c55e" stroke-width="2.5">\n <path stroke-linecap="round" stroke-linejoin="round" d="M5 13l4 4L19 7"/>\n </svg>\n </div>\n <h1>Authorization Granted</h1>\n <p class="email">${e}</p>\n\n <div class="permissions">\n <h3>ATOMS MCP can now</h3>\n <div class="perm-item"><span class="dot"></span> Read your projects and requirements</div>\n <div class="perm-item"><span class="dot"></span> Create and edit requirements and test cases</div>\n <div class="perm-item"><span class="dot"></span> Record test results (pass/fail)</div>\n <div class="perm-item"><span class="dot"></span> Manage traceability relationships</div>\n <div class="perm-item"><span class="dot"></span> Export coverage reports and diagrams</div>\n </div>\n\n <p class="closing">This tab will close in <span id="countdown">5</span>s</p>\n </div>\n\n <script>\n let seconds = 5;\n const el = document.getElementById('countdown');\n const timer = setInterval(() => {\n seconds--;\n el.textContent = seconds;\n if (seconds <= 0) {\n clearInterval(timer);\n window.close();\n // If window.close() is blocked (not opened by script), update message\n setTimeout(() => {\n document.querySelector('.closing').textContent = 'You can close this tab now.';\n }, 500);\n }\n }, 1000);\n <\/script>\n</body>\n</html>`}function Oe(e){return`<!DOCTYPE html>\n<html>\n<head>\n <title>ATOMS MCP — Failed</title>\n <style>\n * { margin: 0; padding: 0; box-sizing: border-box; }\n body {\n font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', system-ui, sans-serif;\n background: #0a0a0a;\n color: #fafafa;\n display: flex;\n align-items: center;\n justify-content: center;\n min-height: 100vh;\n }\n .card {\n background: #171717;\n border: 1px solid #262626;\n border-radius: 16px;\n padding: 48px;\n max-width: 480px;\n width: 100%;\n text-align: center;\n }\n .icon {\n width: 56px;\n height: 56px;\n background: #450a0a;\n border-radius: 50%;\n display: flex;\n align-items: center;\n justify-content: center;\n margin: 0 auto 24px;\n }\n .icon svg { width: 28px; height: 28px; }\n h1 { font-size: 22px; font-weight: 600; margin-bottom: 16px; color: #ef4444; }\n .reason { font-size: 14px; color: #a3a3a3; line-height: 1.6; }\n .reason a { color: #7c3aed; text-decoration: underline; }\n </style>\n</head>\n<body>\n <div class="card">\n <div class="icon">\n <svg fill="none" viewBox="0 0 24 24" stroke="#ef4444" stroke-width="2.5">\n <path stroke-linecap="round" stroke-linejoin="round" d="M6 18L18 6M6 6l12 12"/>\n </svg>\n </div>\n <h1>Authorization Failed</h1>\n <p class="reason">${e}</p>\n </div>\n</body>\n</html>`}E(ke,{login:()=>Ie});var Te,Ue,Ae,ze,He=I({"src/auth/login.ts"(){re(),ne(),je=19275,xe="/callback"}});function De(e,t=0){if(t>5)return"[depth-limit]";if("string"==typeof e){for(const t of Ae)if(t.test(e.trim()))return"[redacted]";return e.length>ze?e.slice(0,ze)+"…":e}if(Array.isArray(e))return e.slice(0,20).map(e=>De(e,t+1));if(null!==e&&"object"==typeof e){const r={};for(const[i,n]of Object.entries(e)){const e=i.toLowerCase();Te.has(e)?r[i]="[redacted]":Ue.has(e)?r[i]="string"==typeof n?"[content]":De(n,t+1):r[i]=De(n,t+1)}return r}return e}function Re(e){return De(e)}var Ce,Pe,Me,qe,$e,Ne=I({"src/middleware/audit.ts"(){Te=new Set(["access_token","refresh_token","password","api_key","secret","token","authorization","credential","credentials","private_key"]),Ue=new Set(["body","description","content","notes","summary","title","system_prompt","prompt"]),Ae=[/^[^\s@]+@[^\s@]+\.[^\s@]+$/,/^bearer\s+\S+$/i,/^(sk|pk|npm|gh|glpat|xoxb|xoxp|rk|SG\.)[-_][A-Za-z0-9_-]{16,}/,/^eyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$/],ze=200}}),Le=I({"src/middleware/rate-limiter.ts"(){Ce=60,Pe=6e4}});function We(){const e=process.env.ATOMS_MCP_PROJECT_ID?.trim();return e?Me.test(e)?e:(qe||(process.stderr.write(`[atoms-mcp] WARNING: ATOMS_MCP_PROJECT_ID="${e.slice(0,50)}" is not a valid UUID — scope ignored.\n`),qe=!0),null):null}var Ve,Fe=I({"src/middleware/project-scope.ts"(){Me=/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i,qe=!1,$e=class extends Error{expectedProjectId;receivedProjectId;constructor(e,t){super("Tool call rejected: project_id is outside the configured ATOMS_MCP_PROJECT_ID scope."),this.name="ProjectScopeError",this.expectedProjectId=e,this.receivedProjectId=t}}}});function Be(e){const t=function(e){return e.trim().toLowerCase().replace(/[^a-z0-9]+/g,"_").replace(/^_+|_+$/g,"")}(e??"");return t?t.includes("cursor")?"cursor":t.includes("copilot")?"copilot":t.includes("claude")?Ve:t:Ve}var Je,Qe,Ge,Ye,Ke,Ze=I({"src/core/client-identity.ts"(){Ve="claude_desktop"}}),Xe={};function et(e,t=Qe){if("string"!=typeof e)return"";const r=e.replace(Ye,"").replace(Ke,"");return r.length<=t?r:r.slice(0,t)+"..."}function tt(e){return"string"!=typeof e?"":e.trim().toLowerCase().replace(/\s+/g,"-").replace(/[^a-z0-9-]/g,"").replace(/-+/g,"-").replace(/^-|-$/g,"")}function rt(e,t){return{status:"success",data:e,...t?{meta:t}:{}}}function it(e,t,r){return{total_count:e,limit:t,offset:r,has_more:r+t<e}}function nt(e,t){return{status:"error",message:e,next_steps:t}}function at(e,t){return nt(`${e} '${et(t)}' not found`,[`Verify the ${e.toLowerCase()} ID is correct`,"Use atoms_list_items or atoms_search to find valid IDs"])}function st(e){return nt(`${e} role cannot modify project data`,["Contact your org admin to upgrade your role to editor","Use read-only tools (atoms_list_items, atoms_get_item, atoms_search) instead"])}function ot(e){return nt(`Validation error: ${et(e,Ge)}`,["Check the parameter types and constraints in the tool description","Ensure all required parameters are provided"])}function dt(){return nt("Not authenticated. Run 'npx @atoms-tech/atoms-mcp login' first.",["Run: npx @atoms-tech/atoms-mcp login","Or set ATOMS_ACCESS_TOKEN environment variable"])}function ct(){return nt("Your ATOMS session token expired and could not be refreshed automatically.",["Call atoms_status() — it will refresh the token if possible","If that still reports 'expired', restart Claude Desktop (quit and reopen)","If the problem persists, run: npx @atoms-tech/atoms-mcp logout && npx @atoms-tech/atoms-mcp login"])}function lt(e){return nt("Tool call rejected: project_id is outside the configured ATOMS_MCP_PROJECT_ID scope.",[`This MCP session is bound to project ${e}`,"Pass that project_id, or restart without ATOMS_MCP_PROJECT_ID to access other projects"])}function mt(e){return nt("Rate limited: too many requests to ATOMS API.",[e?`Wait ${e} seconds before retrying.`:"Wait a few seconds before retrying.","Reduce the frequency of back-to-back tool calls"])}function pt(e){return nt(`Parse error: ${et(e,Ge)}`,["Check that body/title/summary fields contain valid text (no unexpected control characters)","If the content was generated programmatically, validate the string before passing it","Simplify the content and retry — if it succeeds, the original content has a malformed character"])}function ut(e){const t=e instanceof Error?e.message:String(e);return/not authenticated/i.test(t)?dt():/jwt\s*expired|invalid.?jwt|token.*(?:has\s+)?expired|jwt.*invalid|pgrst301/i.test(t)?ct():/rate.?limit|too many requests|429/i.test(t)?mt():/invalid input syntax|invalid json|unexpected token|malformed|json parse/i.test(t)?pt(t):_t(t)}function _t(e){return/row.level security|permission denied for/i.test(e)?nt("Permission denied: your account does not have write access to this project.",["Verify you have editor or admin role in this project","Contact your org admin to upgrade your permissions","Use atoms_list_projects to confirm the project_id is one you have access to"]):nt(`Database error: ${et(e,Ge)}`,["This may be a temporary issue — try again","If the error persists, check that the project_id is valid"])}function ft(e){return null==e?e:`<user_content>${e}</user_content>`}function ht(e){const t=JSON.stringify(e,null,2);if(t.length>Je&&"success"===e.status&&Array.isArray(e.data)){const t=Math.max(1,Math.floor(e.data.length/2)),r={...e,data:e.data.slice(0,t),meta:{...e.meta,truncated:!0,truncation_message:`Response truncated from ${e.data.length} to ${t} items. Use 'offset' parameter or add filters to see more results.`}};return{content:[{type:"text",text:JSON.stringify(r,null,2)}],structuredContent:r}}return{content:[{type:"text",text:t}],structuredContent:e}}function gt(e){return{content:[{type:"text",text:JSON.stringify(e,null,2)}],structuredContent:e,isError:!0}}E(Xe,{CHARACTER_LIMIT:()=>Je,accessDeniedError:()=>st,authError:()=>dt,classifyError:()=>ut,dbError:()=>_t,errorResponse:()=>nt,formatErrorResult:()=>gt,formatToolResult:()=>ht,jwtExpiredError:()=>ct,notFoundError:()=>at,paginationMeta:()=>it,parseError:()=>pt,rateLimitError:()=>mt,sanitizeForEcho:()=>et,sanitizeTagOrLevel:()=>tt,scopeError:()=>lt,success:()=>rt,validationError:()=>ot,wrapUserContent:()=>ft});var yt,bt=I({"src/tools/_base.ts"(){Je=25e3,Qe=50,Ge=200,Ye=new RegExp("[\\u0000-\\u001F\\u007F]","g"),Ke=new RegExp("[\\u200B-\\u200F\\u202A-\\u202E\\u2060-\\u206F\\uFEFF]","g")}});var wt=I({"src/apps/register.ts"(){yt={resourceDomains:["fonts.googleapis.com","fonts.gstatic.com"]}}});async function vt(e,t,r){let i=e.from("items").select("*",{count:"exact"}).eq("project_id",t).is("deleted_at",null).order("created_at",{ascending:!0});r.type&&(i=i.eq("type",r.type)),r.domain&&(i=i.filter("data->tags->domains","cs",JSON.stringify([r.domain]))),r.level&&(i=i.filter("data->tags->>level","eq",r.level)),i=i.range(r.offset,r.offset+r.limit-1);const{data:n,error:a,count:s}=await i;if(a)throw new Error(a.message);return{items:n??[],totalCount:s??0}}async function jt(e,t,r){const{data:i,error:n}=await e.from("items").select("*").eq("id",r).eq("project_id",t).is("deleted_at",null).maybeSingle();if(n)throw new Error(n.message);return i}async function xt(e,t){if(t.baseline_id&&t.as_of)throw new Error("baseline_id and as_of are mutually exclusive");if(t.as_of)return t.as_of;if(t.baseline_id){const{data:r,error:i}=await e.from("baselines").select("project_id, snapshot_at, deleted_at").eq("id",t.baseline_id).maybeSingle();if(i)throw new Error(`resolveSnapshotAt: ${i.message}`);if(!r||null!==r.deleted_at)throw new Error(`Baseline not found: ${t.baseline_id}`);if(r.project_id!==t.project_id)throw new Error("Baseline does not belong to this project");return r.snapshot_at}return null}async function St(e,t){const{data:r,error:i}=await e.from("baselines").select("id, project_id, name, description, snapshot_at, created_at, created_by, locked_at, locked_by, deleted_at").eq("id",t).maybeSingle();if(i)throw new Error(`getBaselineById: ${i.message}`);return r&&null===r.deleted_at?r:null}function kt(e){return{id:e.id,project_id:e.project_id,type:e.type,title:e.title,data:e.data,created_by:e.changed_by,updated_by:e.changed_by,created_at:e.valid_from,updated_at:e.valid_from,deleted_at:null}}async function It(e,t,r){const{data:i,error:n}=await e.rpc("project_state_at",{p_project_id:t,p_snapshot_at:r});if(n)throw new Error(`projectStateAt: ${n.message}`);return i??[]}async function Et(e,t,r,i){const n=r.trim();if(!n)return{items:[],totalCount:0};let a=null;if(i.asset&&i.asset.trim()){const{data:r,error:n}=await e.from("test_results").select("item_id").eq("project_id",t).eq("asset",i.asset.trim());if(n)throw new Error(n.message);const s=new Set;for(const e of r??[])s.add(e.item_id);if(a=Array.from(s),0===a.length)return{items:[],totalCount:0}}let s=e.from("items").select("*",{count:"exact"}).eq("project_id",t).is("deleted_at",null).or(`title.ilike.%${n}%,data->>body.ilike.%${n}%,data->>summary.ilike.%${n}%`).limit(i.limit);i.type&&(s=s.eq("type",i.type)),a&&(s=s.in("id",a));const{data:o,error:d,count:c}=await s;if(d)throw new Error(d.message);return{items:o??[],totalCount:c??0}}function Ot(e,t){const r=new Set(e.map(e=>e.id)),i=new Set,n=[],a=(e,t,a)=>{if(e===t)return;if(!r.has(e)||!r.has(t))return;const s=`${e}|${t}|${a}`;i.has(s)||(i.add(s),n.push({from_id:e,to_id:t,type:a}))};for(const e of t)a(e.from_id,e.to_id,e.type);for(const t of e){const e=t.data?.relationships??{},r=t=>Array.isArray(e[t])?e[t].filter(e=>"string"==typeof e):[];for(const e of r("parents"))a(t.id,e,"parent");for(const e of r("children"))a(t.id,e,"child");for(const e of r("related"))a(t.id,e,"related");for(const e of r("verifies"))a(t.id,e,"verifies");for(const e of r("verified_by"))a(t.id,e,"verified_by")}return n}async function Tt(e,t,r){const i="requirement"===r?"REQ":"test-case"===r?"TC":"note"===r?"NOTE":"TABLE",{data:n,error:a}=await e.rpc("next_item_id",{p_project_id:t,p_prefix:i});if(a)throw new Error(`ID generation failed: ${a.message}`);return n}var Ut=I({"src/db/queries.ts"(){}}),At={};async function zt(){try{const e=await ye(async()=>{const e=await fe();return await async function(e){const{data:t,error:r}=await e.from("projects").select("id, name, description, org_id, created_at, organizations(name)").is("deleted_at",null).order("created_at",{ascending:!1});if(r)throw new Error(r.message);return(t??[]).map(e=>({id:e.id,name:e.name,description:e.description,org_id:e.org_id,org_name:e.organizations?.name??"Unknown",created_at:e.created_at}))}(e)}),t=We(),r=R,i=M().project_scope,n=i?new Set(i):null;return ht(rt(e.filter(e=>!r||e.org_id===r).filter(e=>!t||e.id===t).filter(e=>!n||n.has(e.id)).map(e=>({id:e.id,name:e.name,description:e.description,org_id:e.org_id,org_name:e.org_name,created_at:e.created_at}))))}catch(e){return gt(ut(e))}}E(At,{listProjectsHandler:()=>zt});var Ht=I({"src/tools/list-projects.ts"(){Se(),Ut(),Fe(),q(),bt()}}),Dt={};async function Rt(e){try{const t=await fe();let r,i,n=null;try{n=await xt(t,{baseline_id:e.baseline_id,as_of:e.as_of,project_id:e.project_id})}catch(e){return gt(_t(e.message))}if(n){const a=(await It(t,e.project_id,n)).filter(t=>{if(e.type&&t.type!==e.type)return!1;const r=t.data??{};if(e.domain){const t=r?.tags?.domains??[];if(!Array.isArray(t)||!t.includes(e.domain))return!1}return!e.level||r?.tags?.level===e.level});i=a.length,r=a.slice(e.offset,e.offset+e.limit).map(e=>({id:e.id,title:e.title,type:e.type,data:e.data}))}else{const n=await vt(t,e.project_id,{type:e.type,domain:e.domain,level:e.level,limit:e.limit,offset:e.offset});r=n.items,i=n.totalCount}return ht(rt(r.map(e=>({id:e.id,title:ft(e.title),type:e.type,status:e.data?.status,domains:e.data?.tags?.domains??[],level:e.data?.tags?.level})),it(i,e.limit,e.offset)))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}E(Dt,{listItemsHandler:()=>Rt});var Ct=I({"src/tools/list-items.ts"(){Se(),Ut(),bt()}}),Pt={};async function Mt(e){try{const t=await fe();let r=null;try{r=await xt(t,{baseline_id:e.baseline_id,as_of:e.as_of,project_id:e.project_id})}catch(e){return gt(nt(e.message,["Pass baseline_id OR as_of, not both"]))}const i=r?await async function(e,t,r,i){const{data:n,error:a}=await e.rpc("item_state_at",{p_item_id:r,p_project_id:t,p_snapshot_at:i});if(a)throw new Error(`itemStateAt: ${a.message}`);return(n??[])[0]??null}(t,e.project_id,e.item_id,r).then(e=>e?kt(e):null):await jt(t,e.project_id,e.item_id);if(!i)return gt(at("Item",e.item_id));const n={parents:[],children:[],related:[],verified_by:[],verifies:[]};if(r){const e=i.data?.relationships??{};for(const t of Object.keys(n)){const r=e[t];Array.isArray(r)&&(n[t]=r.slice())}}else{const r=await async function(e,t,r){const{data:i,error:n}=await e.from("item_relationships").select("from_id, to_id, type").eq("project_id",t).or(`from_id.eq.${r},to_id.eq.${r}`);if(n)throw new Error(n.message);return i??[]}(t,e.project_id,e.item_id),a={parent:"parents",child:"children",related:"related",verifies:"verifies",verified_by:"verified_by"},s={parent:"children",child:"parents",verified_by:"verifies",verifies:"verified_by",related:"related"},o=(e,t)=>{if(!(e in n))return;const r=n[e];r.includes(t)||r.push(t)};for(const t of r)t.from_id===e.item_id?o(a[t.type]??t.type,t.to_id):o(s[t.type]??t.type,t.from_id);const d=i.data?.relationships??{};for(const t of Object.keys(n)){const r=d[t];if(Array.isArray(r))for(const i of r)"string"==typeof i&&i!==e.item_id&&o(t,i)}}let a=[];if("test-case"===i.type)if(r)a=(i.data?.runs??[]).map(e=>({result:e.result??"not-run",run_by:e.by??e.run_by??null,run_at:e.date??e.run_at??"",note:e.note??null})).filter(e=>"string"==typeof e.run_at&&e.run_at.length>0).sort((e,t)=>t.run_at.localeCompare(e.run_at)).slice(0,20).map(e=>({result:e.result,run_by:e.run_by,run_at:e.run_at,note:e.note}));else{const{data:r,error:i}=await t.from("test_results").select("result, run_by, run_at, note").eq("item_id",e.item_id).eq("project_id",e.project_id).order("run_at",{ascending:!1}).limit(20);!i&&r&&(a=r)}return ht(rt({id:i.id,type:i.type,title:ft(i.title),summary:ft(i.data?.summary),body:ft(i.data?.body),tags:i.data?.tags??{domains:[]},ownership:i.data?.ownership??{primary:null,additional:[]},relationships:n,links:i.data?.links??[],status:i.data?.status,..."test-case"===i.type?{latest_result:a[0]?.result??"not-run",test_results:a}:{},metadata:{created_at:i.created_at,created_by:i.created_by,updated_at:i.updated_at,updated_by:i.updated_by,source_id:i.data?.metadata?.source_id}}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}E(Pt,{getItemHandler:()=>Mt});var qt=I({"src/tools/get-item.ts"(){Se(),Ut(),bt()}}),$t={};async function Nt(e){try{const t=await fe();let r,i,n=null;try{n=await xt(t,{baseline_id:e.baseline_id,project_id:e.project_id})}catch(e){return gt(_t(e.message))}if(n){const a=await It(t,e.project_id,n),s=e.query.trim().toLowerCase(),o=0===s.length?[]:a.filter(t=>{if(e.type&&t.type!==e.type)return!1;const r=t.data??{};return[t.title,r?.body,r?.summary].filter(e=>"string"==typeof e).map(e=>e.toLowerCase()).some(e=>e.includes(s))});i=o.length,r=o.slice(0,e.limit).map(e=>({id:e.id,title:e.title,type:e.type,data:e.data}))}else{const n=await Et(t,e.project_id,e.query,{type:e.type,limit:e.limit,asset:e.asset});r=n.items,i=n.totalCount}return ht(rt(r.map(e=>({id:e.id,title:ft(e.title),type:e.type,status:e.data?.status,domains:e.data?.tags?.domains??[],level:e.data?.tags?.level})),it(i,e.limit,0)))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}E($t,{searchHandler:()=>Nt});var Lt=I({"src/tools/search.ts"(){Se(),Ut(),bt()}}),Wt={};async function Vt(e){try{const t=await fe(),{access_token:r}=await se(),{items:i,totalCount:n}=await async function(e,t,r,i){const{ATOMS_SUPABASE_URL:n,ATOMS_SUPABASE_ANON_KEY:a}=await Promise.resolve().then(()=>(ne(),ie)),s=await fetch(`${n}/functions/v1/embed`,{method:"POST",headers:{"Content-Type":"application/json",Authorization:`Bearer ${i.accessToken}`,apikey:a},body:JSON.stringify({input:r})});if(!s.ok)throw new Error(`Embed function failed: ${s.status}`);const{embedding:o}=await s.json(),{data:d,error:c}=await e.rpc("semantic_search",{query_embedding:o,p_project_id:t,match_threshold:.3,match_count:i.limit,p_type:i.type||null});if(c)throw new Error(c.message);return{items:d??[],totalCount:(d??[]).length,method:"semantic"}}(t,e.project_id,e.query,{type:e.type,limit:e.limit,accessToken:r});return ht(rt(i.map(e=>({id:e.id,title:ft(e.title),type:e.type,status:e.data?.status,domains:e.data?.tags?.domains??[],level:e.data?.tags?.level})),it(n,e.limit,0)))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}E(Wt,{semanticSearchHandler:()=>Vt});var Ft=I({"src/tools/semantic-search.ts"(){Se(),ue(),Ut(),bt()}}),Bt={};async function Jt(e){try{if(e.baseline_id&&e.as_of)return gt(ot("baseline_id and as_of are mutually exclusive"));const t=await fe();let r;if(e.baseline_id){const i=await St(t,e.baseline_id);if(!i)return gt(ot(`Baseline ${e.baseline_id} not found`));if(i.project_id!==e.project_id)return gt(ot("Baseline does not belong to this project"));r=i.snapshot_at}else e.as_of&&(r=e.as_of);const{covered:i,uncovered:n,total:a}=await async function(e,t,r){let i,n,a;if(r.snapshotAt){const s=(await It(e,t,r.snapshotAt)).map(kt);i=s.filter(e=>"requirement"===e.type),n=s.map(e=>({id:e.id,data:e.data})),a=[]}else{const{data:r,error:s}=await e.from("items").select("*").eq("project_id",t).eq("type","requirement").is("deleted_at",null);if(s)throw new Error(s.message);i=r??[];const{data:o,error:d}=await e.from("items").select("id, data").eq("project_id",t).is("deleted_at",null);if(d)throw new Error(d.message);n=o??[];const{data:c,error:l}=await e.from("item_relationships").select("from_id, to_id, type").eq("project_id",t);if(l)throw new Error(l.message);a=c??[]}const s=i.filter(e=>!(r.domain&&!(e.data?.tags?.domains??[]).includes(r.domain)||r.level&&e.data?.tags?.level!==r.level)),o=Ot(n,a),d=new Set;for(const e of o)"verifies"===e.type?d.add(e.to_id):"verified_by"===e.type&&d.add(e.from_id);return{covered:s.filter(e=>d.has(e.id)),uncovered:s.filter(e=>!d.has(e.id)),total:s.length}}(t,e.project_id,{domain:e.domain,level:e.level,snapshotAt:r}),s=n.map(e=>({id:e.id,title:e.title,type:e.type,status:e.data?.status,domains:e.data?.tags?.domains??[],level:e.data?.tags?.level}));return ht(rt({covered:i.length,uncovered:n.length,total:a,coverage_percent:a>0?Math.round(i.length/a*1e3)/10:100,uncovered_items:s}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}E(Bt,{getCoverageHandler:()=>Jt});var Qt=I({"src/tools/get-coverage.ts"(){Se(),Ut(),bt()}}),Gt={};async function Yt(e){try{const t=await fe(),r=await async function(e,t,r,i){const{data:n,error:a}=await e.from("change_history").select("*").eq("item_id",r).eq("project_id",t).order("changed_at",{ascending:!1}).limit(i);if(a)throw new Error(a.message);return n??[]}(t,e.project_id,e.item_id,e.limit),i=r.map(e=>{const t=[],r=e.old_data,i=e.new_data;if(r&&i){const e=new Set([...Object.keys(r),...Object.keys(i)]);for(const n of e)JSON.stringify(r[n])!==JSON.stringify(i[n])&&t.push(n)}else i?t.push("(created)"):r&&t.push("(deleted)");return{id:e.id,event_type:e.event_type,changed_by:e.changed_by??null,changed_at:e.changed_at,actor:e.actor??"user",session_id:e.session_id??null,fields_changed:t}});return ht(rt(i,it(i.length,e.limit,0)))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}E(Gt,{getHistoryHandler:()=>Yt});var Kt=I({"src/tools/get-history.ts"(){Se(),Ut(),bt()}}),Zt={};async function Xt(e){try{if(e.baseline_id&&e.as_of)return gt(ot("baseline_id and as_of are mutually exclusive"));const t=await fe();let r,i,n;if(e.baseline_id){const i=await St(t,e.baseline_id);if(!i)return gt(ot(`Baseline ${e.baseline_id} not found`));if(i.project_id!==e.project_id)return gt(ot("Baseline does not belong to this project"));r=i.snapshot_at}else e.as_of&&(r=e.as_of);if(r){i=(await It(t,e.project_id,r)).map(kt).map(e=>({id:e.id,title:e.title,type:e.type,data:e.data})),n=Ot(i,[])}else{const{data:r,error:a}=await t.from("items").select("id, title, type, data").eq("project_id",e.project_id).is("deleted_at",null);if(a)throw new Error(a.message);i=r??[];const{data:s,error:o}=await t.from("item_relationships").select("from_id, to_id, type").eq("project_id",e.project_id);if(o)throw new Error(o.message);n=Ot(i,s??[])}if(0===i.length)return ht(rt({mermaid:"graph TD\n empty[No items in project]"}));const a=new Map;for(const e of i)a.set(e.id,e);const s=["graph TD"],o=new Set,d=new Set,c=(new Set((n??[]).filter(e=>"child"===e.type).map(e=>e.to_id)),new Set((n??[]).filter(e=>"parent"===e.type).map(e=>e.from_id)));let l;l=e.root_item_id?[e.root_item_id]:i.filter(e=>!c.has(e.id)).filter(t=>!(!e.include_tests&&"test-case"===t.type)).map(e=>e.id);const m=l.map(e=>({id:e,depth:0}));for(;m.length>0;){const{id:t,depth:r}=m.shift();if(o.has(t)||r>e.depth)continue;o.add(t);const i=a.get(t);if(!i)continue;if(!e.include_tests&&"test-case"===i.type)continue;const c=er(i.title),l="requirement"===i.type?`["${c}"]`:"test-case"===i.type?`(["${c}"])`:`("${c}")`;s.push(` ${t}${l}`);for(const i of n??[]){if(i.from_id!==t)continue;const n=a.get(i.to_id);if(!n)continue;if(!e.include_tests&&"test-case"===n.type)continue;const c=`${i.from_id}-${i.type}-${i.to_id}`;d.has(c)||(d.add(c),"child"===i.type?s.push(` ${t} --\x3e ${i.to_id}`):"verified_by"===i.type?s.push(` ${t} -.->|verified_by| ${i.to_id}`):"related"===i.type&&s.push(` ${t} -.- ${i.to_id}`),!o.has(i.to_id)&&r+1<=e.depth&&m.push({id:i.to_id,depth:r+1}))}}return ht(rt({mermaid:s.join("\n"),node_count:o.size,edge_count:d.size}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}function er(e){return e.replace(/"/g,"'").replace(/[[\]{}()]/g,"").substring(0,50)}E(Zt,{exportMermaidHandler:()=>Xt});var tr=I({"src/tools/export-mermaid.ts"(){Se(),Ut(),bt()}}),rr={};async function ir(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return gt(st("Viewer"));throw e}const i=(e.domains??[]).map(tt).filter(e=>e.length>0),n=void 0!==e.level?tt(e.level):void 0;if(i.length>0){const{data:r}=await t.from("metadata").select("domains").eq("project_id",e.project_id).maybeSingle(),n=r?.domains??[];if(n.length>0){const e=new Set(n.map(tt).filter(e=>e.length>0)),t=i.filter(t=>!e.has(t));if(t.length>0)return gt(ot(`Unknown domain${t.length>1?"s":""}: ${t.join(", ")}. Registered: ${n.join(", ")}. Add new domains via Taxonomy Management in the ATOMS web app first.`))}}const a=await Tt(t,e.project_id,e.type),s=(new Date).toISOString(),o={id:a,type:e.type,title:e.title,summary:e.summary,body:e.body,tags:{domains:i,level:n??""},ownership:{primary:null,additional:[]},relationships:{parents:e.parent_ids??[],children:[],related:[]},links:[],metadata:{created_at:s,created_by:r,updated_at:s,updated_by:r}},{error:d}=await t.rpc("save_item_with_revision",{p_item_id:a,p_project_id:e.project_id,p_type:e.type,p_title:e.title,p_data:o,p_user_id:r,p_event_source:"mcp",p_event_session_id:Fi()??null,p_diff_summary:null});if(d)throw new Error(d.message);if(e.parent_ids&&e.parent_ids.length>0)for(const i of e.parent_ids){const{error:n}=await t.rpc("apply_link_change",{p_project_id:e.project_id,p_from_id:a,p_to_id:i,p_type:"parent",p_action:"add",p_user_id:r,p_event_source:"mcp"});n&&process.stderr.write(`[atoms-mcp] Warning: parent link sync failed for ${i}: ${n.message}\n`)}return await t.from("change_history").insert({item_id:a,project_id:e.project_id,changed_by:r,event_type:"created",old_data:null,new_data:o,actor:Bi(),session_id:Fi()}).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: change_history log failed: ${e.message}\n`)}),!1===e.echo?ht(rt({id:a,type:e.type})):ht(rt({id:a,type:e.type,title:e.title,summary:e.summary??"",body:e.body??"",domains:i,level:n??"",project_id:e.project_id}))}catch(e){return gt(ut(e))}}E(rr,{createItemHandler:()=>ir});var nr=I({"src/tools/create-item.ts"(){Se(),Ut(),Qi(),bt()}}),ar={};async function sr(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return gt(st("Viewer"));throw e}const i=async(i,n,a,s)=>{const o=await jt(t,e.project_id,i);if(!o)return{updated_fields:[],error:`Item "${i}" not found`};const d=void 0!==n.domains?n.domains.map(tt).filter(e=>e.length>0):void 0,c=void 0!==n.level?tt(n.level):void 0;if(void 0!==d&&d.length>0){const{data:r}=await t.from("metadata").select("domains").eq("project_id",e.project_id).maybeSingle(),i=r?.domains??[];if(i.length>0){const e=new Set(i.map(tt).filter(e=>e.length>0)),t=d.filter(t=>!e.has(t));if(t.length>0)return{updated_fields:[],error:`Unknown domains: ${t.join(", ")}`}}}const l={...o.data},m={...o.data},p=[],u=(e,t)=>JSON.stringify(e)!==JSON.stringify(t);if(void 0!==n.title&&u(o.data.title,n.title)&&(m.title=n.title,p.push("title")),void 0!==n.body&&u(o.data.body,n.body)&&(m.body=n.body,p.push("body")),void 0!==n.summary&&u(o.data.summary,n.summary)&&(m.summary=n.summary,p.push("summary")),void 0!==d&&u(o.data.tags?.domains??[],d)&&(m.tags={...m.tags,domains:d},p.push("domains")),void 0!==c&&u(o.data.tags?.level,c)&&(m.tags={...m.tags,level:c},p.push("level")),void 0!==n.status&&u(o.data.status,n.status)&&(m.status=n.status,p.push("status")),0===p.length)return{updated_fields:[],updatedData:o.data,itemType:o.type};m.metadata={...m.metadata,updated_at:(new Date).toISOString(),updated_by:r};const _=n.title??o.title,{data:f,error:h}=await t.rpc("save_item_with_revision",{p_item_id:i,p_project_id:e.project_id,p_type:o.type,p_title:_,p_data:m,p_user_id:r,p_event_source:"mcp",p_event_session_id:Fi()??null,p_diff_summary:null,p_expected_updated_at:n.expected_updated_at??o.updated_at});if(h)return{updated_fields:[],error:h.message};if(!f)return{updated_fields:[],error:`Update silently failed for "${i}" — RPC returned no row. Likely RLS policy denied the write; verify your role and project access.`};const g={item_id:i,project_id:e.project_id,changed_by:r,event_type:"updated",old_data:l,new_data:m,actor:Bi(),session_id:Fi()};return a&&(g.batch_id=a),s&&(g.reason=s),await t.from("change_history").insert(g).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: change_history log failed: ${e.message}\n`)}),{updated_fields:p,updatedData:m,itemType:o.type}};if(e.updates&&Array.isArray(e.updates)){const t=crypto.randomUUID(),r=!0===e.continue_on_error,n=[],a=[];for(const s of e.updates){const{updated_fields:o,error:d}=await i(s.item_id,s,t,e.reason);if(d){if(!r)return gt(ot(`Batch stopped at "${s.item_id}": ${d}. ${n.length} item(s) already updated.`));a.push({item_id:s.item_id,error:d})}else n.push({id:s.item_id,updated_fields:o})}return ht(rt({batch_id:t,updated:n.length,results:!1===e.echo?void 0:n,errors:a}))}if(!e.item_id)return gt(ot("Provide either item_id (single) or updates[] (array form)."));const{updated_fields:n,updatedData:a,itemType:s,error:o}=await i(e.item_id,{title:e.title,body:e.body,summary:e.summary,domains:e.domains,level:e.level,status:e.status,expected_updated_at:e.expected_updated_at},void 0,e.reason);if(o)return o.includes("not found")?gt(at("Item",e.item_id)):o.includes("Unknown domain")?gt(ot(o)):gt(_t(o));if(!1===e.echo)return ht(rt({id:e.item_id,updated_fields:n}));const d=a??{};return ht(rt({id:e.item_id,type:s,title:d.title??"",summary:d.summary??"",body:d.body??"",domains:d.tags?.domains??[],level:d.tags?.level??"",updated_fields:n}))}catch(e){return gt(ut(e))}}E(ar,{updateItemHandler:()=>sr});var or,dr,cr=I({"src/tools/update-item.ts"(){Se(),Ut(),Qi(),bt()}});function lr(e){const t=process.env.ATOMS_MCP_REQUIRE_CONFIRMATION?.trim();if(t){const r=t.toLowerCase();if("1"===r||"true"===r||"all"===r)return!0;if(t.split(",").map(e=>e.trim()).filter(Boolean).includes(e))return!0}return!!M().require_confirmation_for.includes(e)}function mr(e,t=or){const r=Date.now()+t,i={...e,exp:r},n=Buffer.from(JSON.stringify(i)).toString("base64url");return{token:`${n}.${x.default.createHmac("sha256",dr).update(n).digest("base64url")}`,expires_at:new Date(r).toISOString(),expires_in_seconds:Math.round(t/1e3)}}function pr(e,t){if("string"!=typeof e||!e.includes("."))return{valid:!1,reason:"Token format invalid"};const[r,i]=e.split(".");if(!r||!i)return{valid:!1,reason:"Token format invalid"};const n=x.default.createHmac("sha256",dr).update(r).digest("base64url"),a=Buffer.from(i,"utf8"),s=Buffer.from(n,"utf8");if(a.length!==s.length||!x.default.timingSafeEqual(a,s))return{valid:!1,reason:"Token signature invalid"};let o;try{o=JSON.parse(Buffer.from(r,"base64url").toString("utf8"))}catch{return{valid:!1,reason:"Token payload malformed"}}return"number"!=typeof o.exp||o.exp<Date.now()?{valid:!1,reason:"Token expired"}:o.tool!==t.tool?{valid:!1,reason:"Token issued for a different tool"}:o.project_id!==t.project_id?{valid:!1,reason:"Token issued for a different project"}:o.target!==t.target?{valid:!1,reason:"Token issued for a different target"}:{valid:!0}}function ur(e){if(Array.isArray(e))return e.map(ur);if(null!==e&&"object"==typeof e){const t={};for(const r of Object.keys(e).sort())t[r]=ur(e[r]);return t}return e}function _r(e){const t=JSON.stringify(ur(e));return x.default.createHash("sha256").update(t).digest("base64url").slice(0,16)}var fr,hr=I({"src/middleware/confirmation.ts"(){q(),or=6e4,dr=(()=>{const e=process.env.ATOMS_MCP_CONFIRMATION_SECRET;return e&&e.length>=16?e:x.default.randomBytes(32).toString("base64url")})()}}),gr={};async function yr(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return gt(st("Viewer"));throw e}const i=await async function(e,t,r){const{data:i,error:n}=await e.from("items").select("*").eq("id",r).eq("project_id",t).maybeSingle();if(n)throw new Error(n.message);return i}(t,e.project_id,e.item_id);if(!i)return gt(at("Item",e.item_id));if(i.deleted_at)return gt(ot(`Item ${e.item_id} is already deleted`));if(lr(fr)){const t={tool:fr,project_id:e.project_id,target:e.item_id};if(!e.confirmation_token){const r=mr(t);return ht(rt({status:"confirmation_required",preview:{id:e.item_id,title:i.title,type:i.type,would_soft_delete:!0},confirmation_token:r.token,expires_at:r.expires_at,expires_in_seconds:r.expires_in_seconds,message:`Re-call atoms_delete_item with the same project_id, item_id, and confirmation_token within ${r.expires_in_seconds}s to execute.`}))}const r=pr(e.confirmation_token,t);if(!r.valid)return gt(ot(`confirmation_token rejected: ${r.reason}`))}const{error:n}=await t.from("items").update({deleted_at:(new Date).toISOString()}).eq("id",e.item_id).eq("project_id",e.project_id);if(n)throw new Error(n.message);return await t.from("change_history").insert({item_id:e.item_id,project_id:e.project_id,changed_by:r,event_type:"deleted",old_data:i.data,new_data:null,actor:Bi(),session_id:Fi()}).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: change_history log failed: ${e.message}\n`)}),ht(rt({id:e.item_id,title:i.title,type:i.type,deleted:!0,message:`Item ${e.item_id} soft-deleted. It can still be found in audit logs.`}))}catch(e){return gt(ut(e))}}E(gr,{deleteItemHandler:()=>yr});var br=I({"src/tools/delete-item.ts"(){Se(),Ut(),Qi(),hr(),bt(),fr="atoms_delete_item"}}),wr={};async function vr(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return gt(st("Viewer"));throw e}const{data:i,error:n}=await t.from("items").select("*").eq("id",e.item_id).eq("project_id",e.project_id).maybeSingle();if(n)throw new Error(n.message);if(!i)return gt(at("Item",e.item_id));if(!i.deleted_at)return gt(nt(`Item ${e.item_id} is not deleted and cannot be restored.`,["Use atoms_get_item to view the current item state","Use atoms_delete_item first if you intended to delete it"]));const{error:a}=await t.from("items").update({deleted_at:null}).eq("id",e.item_id).eq("project_id",e.project_id);if(a)throw new Error(a.message);return await t.from("change_history").insert({item_id:e.item_id,project_id:e.project_id,changed_by:r,event_type:"restored",old_data:null,new_data:i.data,actor:Bi(),session_id:Fi()}).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: change_history log failed: ${e.message}\n`)}),ht(rt({id:e.item_id,title:i.title,type:i.type,restored:!0,message:`Item ${e.item_id} restored successfully.`}))}catch(e){return gt(ut(e))}}E(wr,{restoreItemHandler:()=>vr});var jr=I({"src/tools/restore-item.ts"(){Se(),Qi(),bt()}}),xr={};async function Sr(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return gt(st("Viewer"));throw e}const i=async(i,n,a)=>{const s=await jt(t,e.project_id,i.from_id);if(!s)throw new Error(`Item "${i.from_id}" not found`);const o=await jt(t,e.project_id,i.to_id);if(!o)throw new Error(`Item "${i.to_id}" not found`);const{error:d}=await t.rpc("apply_link_change",{p_project_id:e.project_id,p_from_id:i.from_id,p_to_id:i.to_id,p_type:i.type,p_action:i.action,p_user_id:r,p_event_source:"mcp",p_expected_from_updated_at:i.expected_from_updated_at??s.updated_at,p_expected_to_updated_at:i.expected_to_updated_at??o.updated_at});if(d)throw new Error(d.message);const c={item_id:i.from_id,project_id:e.project_id,changed_by:r,event_type:"updated",old_data:null,new_data:{relationship_change:{action:i.action,type:i.type,from:i.from_id,to:i.to_id}},actor:Bi(),session_id:Fi()};n&&(c.batch_id=n),a&&(c.reason=a),await t.from("change_history").insert(c).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: change_history log failed: ${e.message}\n`)})};if(e.operations&&Array.isArray(e.operations)){for(const t of e.operations)if(t.from_id===t.to_id)return gt(ot(`Self-reference in batch: "${t.from_id}"`));const r=[...new Set(e.operations.flatMap(e=>[e.from_id,e.to_id]))],{data:n}=await t.from("items").select("id").eq("project_id",e.project_id).is("deleted_at",null).in("id",r),a=new Set((n??[]).map(e=>e.id)),s=r.filter(e=>!a.has(e));if(s.length>0)return gt(at("Items",s.join(", ")));const{data:o}=await t.from("item_relationships").select("from_id, to_id, type").eq("project_id",e.project_id),d=new Map;for(const e of o??[])"parent"===e.type&&(d.has(e.from_id)||d.set(e.from_id,new Set),d.get(e.from_id).add(e.to_id));for(const t of e.operations){if("parent"!==t.type&&"child"!==t.type)continue;const[e,r]="parent"===t.type?[t.from_id,t.to_id]:[t.to_id,t.from_id];"remove"===t.action?d.get(e)?.delete(r):(d.has(e)||d.set(e,new Set),d.get(e).add(r))}const c=0,l=1,m=2,p=new Map,u=new Set;for(const[e,t]of d){u.add(e);for(const e of t)u.add(e)}const _=e=>{if((p.get(e)??c)!==c)return null;const t=[],r=[],i=e=>{p.set(e,l),r.push(e),t.push({node:e,parents:[...d.get(e)??[]],idx:0})};for(i(e);t.length>0;){const e=t[t.length-1];if(e.idx>=e.parents.length){p.set(e.node,m),r.pop(),t.pop();continue}const n=e.parents[e.idx];e.idx++;const a=p.get(n)??c;if(a===l){const e=r.indexOf(n);return[...r.slice(e),n]}a!==m&&i(n)}return null};for(const e of u){const t=_(e);if(t)return gt(ot(`Batch would create a cycle: ${t.join(" -> ")}. No changes applied.`))}const f=crypto.randomUUID(),h=e.operations.filter(e=>"remove"===e.action),g=e.operations.filter(e=>"add"===e.action);for(const t of[...h,...g])await i(t,f,e.reason);return ht(rt({batch_id:f,processed:e.operations.length,operations:!1===e.echo?void 0:e.operations}))}return e.from_id&&e.to_id&&e.type&&e.action?e.from_id===e.to_id?gt(ot("Cannot create a relationship between an item and itself")):(await i({action:e.action,from_id:e.from_id,to_id:e.to_id,type:e.type,expected_from_updated_at:e.expected_from_updated_at,expected_to_updated_at:e.expected_to_updated_at},void 0,e.reason),!1===e.echo?ht(rt({action:e.action,from_id:e.from_id,to_id:e.to_id})):ht(rt({action:e.action,type:e.type,from_id:e.from_id,to_id:e.to_id,message:`Relationship ${"add"===e.action?"added":"removed"}: ${e.from_id} --[${e.type}]--\x3e ${e.to_id}`}))):gt(ot("Provide (from_id, to_id, type, action) for single-op or operations[] for batch."))}catch(e){return gt(ut(e))}}E(xr,{linkItemsHandler:()=>Sr});var kr=I({"src/tools/link-items.ts"(){Se(),Ut(),Qi(),bt()}}),Ir={};async function Er(e){try{if(!e.items||0===e.items.length)return gt(ot("items array must contain at least 1 item"));if(e.items.length>100)return gt(ot(`Maximum 100 items per call (received ${e.items.length}). Split into multiple calls.`));const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return gt(st("Viewer"));throw e}const i=await async function(e,t,r){const{data:i}=await e.from("metadata").select("domains").eq("project_id",t).maybeSingle(),n=i?.domains??[],a=n.length>0?new Set(n.map(tt).filter(e=>e.length>0)):null,s=_r(n.map(tt).filter(e=>e.length>0).sort()),o=[],d=new Set,c={};for(let e=0;e<r.length;e++){const t=r[e];if(c[t.type]=(c[t.type]??0)+1,!a)continue;const i=(t.domains??[]).map(tt).filter(e=>e.length>0);if(0===i.length)continue;const s=i.filter(e=>!a.has(e));s.length>0&&(d.add(e),o.push({index:e,title:t.title,error:`Unknown domain${s.length>1?"s":""}: ${s.join(", ")}. Registered: ${n.join(", ")}.`}))}return{registeredDomains:n,registeredDomainHash:s,invalidDomainIndexes:d,errors:o,typeBreakdown:c}}(t,e.project_id,e.items);if(lr("atoms_bulk_import")){const t={tool:"atoms_bulk_import",project_id:e.project_id,target:_r({items:e.items,registered_domain_hash:i.registeredDomainHash})};if(!e.confirmation_token){const r=mr(t);return ht(rt({status:"confirmation_required",preview:{total_items:e.items.length,by_type:i.typeBreakdown,sample_titles:e.items.slice(0,5).map(e=>e.title),would_fail:i.errors.length>0,errors:i.errors,registered_domain_hash:i.registeredDomainHash},confirmation_token:r.token,expires_at:r.expires_at,expires_in_seconds:r.expires_in_seconds,message:`Re-call atoms_bulk_import with the same project_id, items array, and confirmation_token within ${r.expires_in_seconds}s to execute. Changing items or project domains will invalidate the token.`}))}const r=pr(e.confirmation_token,t);if(!r.valid)return gt(ot(`confirmation_token rejected: ${r.reason}`))}const n=(new Date).toISOString(),a=Fi(),s=[],o=[...i.errors],d=[];for(let r=0;r<e.items.length;r++){const n=e.items[r];if(i.invalidDomainIndexes.has(r))continue;const a=(n.domains??[]).map(tt).filter(e=>e.length>0),s=void 0!==n.level?tt(n.level):void 0;try{const i=await Tt(t,e.project_id,n.type);d.push({itemId:i,input:n,sanitizedDomains:a,sanitizedLevel:s,index:r})}catch(e){o.push({index:r,title:n.title,error:`ID generation failed: ${e instanceof Error?e.message:String(e)}`})}}if(0===d.length)return ht(rt({created:0,items:[],errors:o}));const c=[],l=new Map;for(const{itemId:t,input:i,sanitizedDomains:a,sanitizedLevel:s}of d){const o={id:t,type:i.type,title:i.title,summary:i.summary,body:i.body,tags:{domains:a,level:s??""},ownership:{primary:null,additional:[]},relationships:{parents:i.parent_id?[i.parent_id]:[],children:[],related:[]},links:[],metadata:{created_at:n,created_by:r,updated_at:n,updated_by:r}};l.set(t,o),c.push({id:t,project_id:e.project_id,type:i.type,title:i.title,data:o,created_by:r,updated_by:r})}const m=c.map(e=>({id:e.id,type:e.type,title:e.title,data:e.data})),{error:p}=await t.rpc("bulk_save_items_with_revisions",{p_project_id:e.project_id,p_items:m,p_user_id:r,p_event_source:"mcp"});if(p)for(const{itemId:i,input:n,index:l}of d){const d=c.find(e=>e.id===i);if(!d)continue;const{error:m}=await t.rpc("save_item_with_revision",{p_item_id:d.id,p_project_id:e.project_id,p_type:d.type,p_title:d.title,p_data:d.data,p_user_id:r,p_event_source:"mcp",p_event_session_id:a,p_diff_summary:null});m?o.push({index:l,title:n.title,error:m.message}):s.push({id:i,title:n.title,type:n.type})}else for(const{itemId:e,input:t}of d)s.push({id:e,title:t.title,type:t.type});const u=d.filter(({input:e})=>e.parent_id).filter(({itemId:e})=>s.some(t=>t.id===e)).map(({itemId:t,input:r})=>({from_id:t,to_id:r.parent_id,type:"parent",project_id:e.project_id}));if(u.length>0)for(const i of u){const{error:n}=await t.rpc("apply_link_change",{p_project_id:e.project_id,p_from_id:i.from_id,p_to_id:i.to_id,p_type:"parent",p_action:"add",p_user_id:r,p_event_source:"mcp"});n&&process.stderr.write(`[atoms-mcp] Warning: bulk parent link sync failed for ${i.to_id}: ${n.message}\n`)}const _=s.map(t=>({item_id:t.id,project_id:e.project_id,changed_by:r,event_type:"created",old_data:null,new_data:l.get(t.id)??null,actor:Bi(),session_id:a}));return _.length>0&&await t.from("change_history").insert(_).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: bulk change_history log failed: ${e.message}\n`)}),ht(rt({created:s.length,items:s,errors:o.length>0?o:[],project_id:e.project_id}))}catch(e){return gt(ut(e))}}E(Ir,{bulkImportHandler:()=>Er});var Or=I({"src/tools/bulk-import.ts"(){Se(),Ut(),Qi(),hr(),bt()}}),Tr={};async function Ur(e){try{const t=await fe(),r=be(),i=we();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return gt(st("Viewer"));throw e}const n=await jt(t,e.project_id,e.item_id);if(!n)return gt(at("Item",e.item_id));if("test-case"!==n.type)return gt(ot(`Item '${e.item_id}' is a ${n.type}, not a test-case`));const a=(e.asset??"").trim(),s=(new Date).toISOString(),{data:o,error:d}=await t.rpc("record_test_results_bulk",{p_project_id:e.project_id,p_item_id:e.item_id,p_run_by:i||r,p_actor_user_id:r,p_results:[{result:e.result,note:e.note,asset:a||void 0,date:s}]});if(d)throw new Error(d.message);const c=Array.isArray(o)?o[0]:o?.[0];await t.from("change_history").insert({item_id:e.item_id,project_id:e.project_id,changed_by:r,event_type:"test_result_recorded",old_data:null,new_data:{result:e.result,run_at:s,note:e.note,asset:a||null},actor:Bi(),session_id:Fi()}).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: change_history log failed: ${e.message}\n`)});const l=a?` (asset: ${a})`:"";return ht(rt({item_id:e.item_id,result:e.result,run_at:s,run_by:i||r,note:e.note??null,asset:a||null,asset_id:c?.asset_id??null,asset_created:c?.asset_created??!1,message:`Test result '${e.result}' recorded for ${e.item_id}${l}`}))}catch(e){return gt(ut(e))}}E(Tr,{recordTestResultHandler:()=>Ur});var Ar=I({"src/tools/record-test-result.ts"(){Se(),Ut(),Qi(),bt()}}),zr={};async function Hr(e){try{const t=await fe(),r=be(),i=we();if(!Array.isArray(e.results)||0===e.results.length)return gt(ot("results must be a non-empty array"));if(e.results.length>100)return gt(ot(`results must have at most 100 entries (got ${e.results.length})`));try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return gt(st("Viewer"));throw e}const n=await jt(t,e.project_id,e.item_id);if(!n)return gt(at("Item",e.item_id));if("test-case"!==n.type)return gt(ot(`Item '${e.item_id}' is a ${n.type}, not a test-case`));const{data:a,error:s}=await t.rpc("record_test_results_bulk",{p_project_id:e.project_id,p_item_id:e.item_id,p_run_by:i||r,p_actor_user_id:r,p_results:e.results});if(s)throw new Error(s.message);return t.from("change_history").insert({item_id:e.item_id,project_id:e.project_id,changed_by:r,event_type:"test_result_recorded",old_data:null,new_data:{bulk:!0,count:e.results.length,results:a},actor:Bi(),session_id:Fi()}).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: change_history log failed: ${e.message}\n`)}),ht(rt({item_id:e.item_id,count:e.results.length,results:a,message:`Recorded ${e.results.length} test results for ${e.item_id}`}))}catch(e){return gt(ut(e))}}E(zr,{recordTestResultsBulkHandler:()=>Hr});var Dr,Rr,Cr,Pr,Mr=I({"src/tools/record-test-results-bulk.ts"(){Se(),Ut(),Qi(),bt()}}),qr={};async function $r(e){try{const t=Math.min(Math.max(e.depth??5,1),10),r=await fe(),i=await jt(r,e.project_id,e.item_id);if(!i)return gt(at("Item",e.item_id));const{data:n,error:a}=await r.from("items").select("id, title, type, data").eq("project_id",e.project_id).is("deleted_at",null);if(a)throw new Error(a.message);const{data:s,error:o}=await r.from("item_relationships").select("from_id, to_id, type").eq("project_id",e.project_id);if(o)throw new Error(o.message);const d=Ot(n??[],s??[]),c=new Map;for(const e of n??[])c.set(e.id,{title:e.title,type:e.type});const l=new Map,m=(e,t,r)=>{l.has(e)||l.set(e,[]),l.get(e).push({neighbor:t,relType:r})},p=e.relationship_types?new Set(e.relationship_types):null;for(const t of d??[]){const r=t.type;if(("upstream"===e.direction||"both"===e.direction)&&(Rr.includes(r)&&(p&&!p.has(r)||m(t.from_id,t.to_id,r)),Cr.includes(r))){const e=Pr[r]??r;p&&!p.has(e)||m(t.to_id,t.from_id,e)}if(("downstream"===e.direction||"both"===e.direction)&&(Cr.includes(r)&&(p&&!p.has(r)||m(t.from_id,t.to_id,r)),Rr.includes(r))){const e=Pr[r]??r;p&&!p.has(e)||m(t.to_id,t.from_id,e)}"related"===r&&(p&&!p.has("related")||(m(t.from_id,t.to_id,"related"),m(t.to_id,t.from_id,"related")))}const u=new Set;u.add(e.item_id);const _=[],f=[],h=[],g=l.get(e.item_id)??[];for(const t of g)h.push({id:t.neighbor,depth:1,relType:t.relType,from:e.item_id});for(;h.length>0&&_.length<Dr;){const{id:e,depth:r,relType:i,from:n}=h.shift();if(u.has(e)||r>t)continue;u.add(e);const a=c.get(e);if(a&&(_.push({id:e,title:a.title,type:a.type,relationship:i,depth:r,from:n}),f.push({from:n,to:e,type:i}),r<t)){const t=l.get(e)??[];for(const i of t)u.has(i.neighbor)||h.push({id:i.neighbor,depth:r+1,relType:i.relType,from:e})}}const y=c.get(e.item_id),b=y?{id:e.item_id,title:y.title,type:y.type,relationship:"root",depth:0,from:e.item_id}:{id:e.item_id,title:i.title??e.item_id,type:i.type??"unknown",relationship:"root",depth:0,from:e.item_id};return ht(rt({root:e.item_id,direction:e.direction,depth_limit:t,items:[b,..._],edges:f,total_count:_.length+1,..._.length>=Dr?{truncated:!0,truncation_message:`Results capped at ${Dr} items. Use a smaller depth or filter by relationship_types.`}:{}}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}E(qr,{traceHandler:()=>$r});var Nr=I({"src/tools/trace.ts"(){Se(),Ut(),bt(),Dr=200,Rr=["parent","verifies"],Cr=["child","verified_by"],Pr={parent:"child",child:"parent",verifies:"verified_by",verified_by:"verifies",related:"related"}}}),Lr={};async function Wr(e){try{let t=(await fe()).from("assets").select("id, name, archived_at, created_at").eq("project_id",e.project_id).order("name");e.include_archived||(t=t.is("archived_at",null));const{data:r,error:i}=await t;if(i)throw new Error(i.message);return ht(rt({assets:r||[],total:(r||[]).length}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}E(Lr,{listAssetsHandler:()=>Wr});var Vr=I({"src/tools/assets.ts"(){Se(),bt()}}),Fr={};async function Br(e,t,r,i){if(r&&i)throw new Error("baseline_id and as_of are mutually exclusive");if(i)return i;if(!r)return null;const{data:n,error:a}=await e.from("baselines").select("project_id, snapshot_at, deleted_at").eq("id",r).maybeSingle();if(a)throw new Error(a.message);if(!n||n.project_id!==t||n.deleted_at)throw new Error("Baseline not found for this project");return n.snapshot_at}async function Jr(e,t,r){if(r){const{data:i,error:n}=await e.rpc("variables_at",{p_project_id:t,p_snapshot_at:r});if(n)throw new Error(n.message);return i??[]}const{data:i,error:n}=await e.from("project_variables").select("*").eq("project_id",t).order("name");if(n)throw new Error(n.message);return i??[]}async function Qr(e,t,r,i){const{data:n,error:a}=await e.rpc("save_variable_with_revision",{p_project_id:t.project_id,p_name:t.name,p_value:t.value,p_unit:t.unit??null,p_description:t.description??null,p_is_signal:t.is_signal??!1,p_range_min:t.range_min??null,p_range_max:t.range_max??null,p_rate_ms:t.rate_ms??null,p_user_id:r,p_event_source:i,p_variable_id:t.id??null});if(a)throw new Error(a.message);return n}async function Gr(e){try{const t=await fe(),r=await Br(t,e.project_id,e.baseline_id,e.as_of),i=await Jr(t,e.project_id,r);return ht(rt({variables:i,total:i.length}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}async function Yr(e){try{const t=await fe(),r=await Br(t,e.project_id,e.baseline_id,e.as_of),i=(await Jr(t,e.project_id,r)).find(t=>t.name===e.variable_name)??null;if(!i)return gt(at("Variable",e.variable_name));const{data:n}=await t.from("items").select("id, title, type").eq("project_id",e.project_id).is("deleted_at",null),a=`{${e.variable_name}}`,s=(n||[]).filter(e=>(e.data?.body||"").includes(a));return ht(rt({variable:i,referenced_by:s.map(e=>({id:e.id,title:e.title,type:e.type})),reference_count:s.length}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}async function Kr(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return gt(st("Viewer"));throw e}const i=await t.from("project_variables").select("*").eq("project_id",e.project_id).eq("name",e.variable_name).maybeSingle();if(!i.data)return gt(at("Variable",e.variable_name));const n={updated_by:r,updated_at:(new Date).toISOString()};return void 0!==e.value&&(n.value=e.value),void 0!==e.unit&&(n.unit=e.unit||null),void 0!==e.description&&(n.description=e.description||null),ht(rt({variable:await Qr(t,{...i.data,...n,project_id:e.project_id,name:e.variable_name,value:n.value??i.data.value,unit:n.unit??i.data.unit,description:n.description??i.data.description},r,"mcp")}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}async function Zr(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return gt(st("Viewer"));throw e}const i=/^[a-zA-Z_][a-zA-Z0-9_]*$/;if(e.variables&&Array.isArray(e.variables)){const n=e.variables.filter(e=>!i.test(e.name));if(n.length>0)return gt(ot(`Invalid variable name(s): ${n.map(e=>e.name).join(", ")}. Use letters, digits, underscores; must start with letter or underscore.`));const a=e.variables.map(e=>e.name),s=a.filter((e,t)=>a.indexOf(e)!==t);if(s.length>0)return gt(ot(`Duplicate names in batch: ${[...new Set(s)].join(", ")}`));const{data:o}=await t.from("project_variables").select("name").eq("project_id",e.project_id).in("name",a),d=(o??[]).map(e=>e.name);if(d.length>0)return gt(ot(`Variable(s) already exist: ${d.join(", ")}. Remove them from the batch or use atoms_update_variable to change values.`));const c=e.variables.map(t=>({project_id:e.project_id,name:t.name,value:t.value,unit:t.unit??null,description:t.description??null,created_by:r,updated_by:r})),l=await async function(e,t,r,i){const{data:n,error:a}=await e.rpc("bulk_save_variables_with_revisions",{p_project_id:t,p_variables:r,p_user_id:i,p_event_source:"mcp"});if(a)throw new Error(a.message);return n??[]}(t,e.project_id,c,r);return ht(rt({batch_id:crypto.randomUUID(),created:(l??[]).length,variables:!1===e.echo?(l??[]).map(e=>({name:e.name})):l??[],message:`${(l??[]).length} variable(s) created. Reference them as {name} in requirement bodies.`}))}if(!e.name||!e.value)return gt(ot("Provide either (name, value) for single variable or variables[] for batch."));if(!i.test(e.name))return gt(ot(`Variable name "${e.name}" is invalid. Use letters, digits, and underscores only; must start with a letter or underscore.`));const{data:n}=await t.from("project_variables").select("name").eq("project_id",e.project_id).eq("name",e.name).maybeSingle();if(n)return gt(ot(`Variable "${e.name}" already exists in this project.`));const a=await Qr(t,{project_id:e.project_id,name:e.name,value:e.value,unit:e.unit??null,description:e.description??null},r,"mcp");return!1===e.echo?ht(rt({name:e.name})):ht(rt({variable:a,message:`Variable "${e.name}" created. Reference it in requirement bodies as {${e.name}}.`}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}async function Xr(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return gt(st("Viewer"));throw e}const{data:i}=await t.from("project_variables").select("id").eq("project_id",e.project_id).eq("name",e.name).maybeSingle();if(!i)return gt(at("Variable",e.name));const{data:n}=await t.from("items").select("id").eq("project_id",e.project_id).is("deleted_at",null).filter("data->>body","ilike",`%{${e.name}}%`),a=(n??[]).length;if(a>0&&!e.force)return gt(ot(`Variable "${e.name}" is referenced in ${a} item${a>1?"s":""}. Use force=true to delete anyway, or remove all {${e.name}} references first.`));if(lr("atoms_delete_variable")){const t={tool:"atoms_delete_variable",project_id:e.project_id,target:e.name};if(!e.confirmation_token){const r=mr(t);return ht(rt({status:"confirmation_required",preview:{variable_name:e.name,referenced_by_items:a,would_orphan_references:a>0},confirmation_token:r.token,expires_at:r.expires_at,expires_in_seconds:r.expires_in_seconds,message:`Re-call atoms_delete_variable with the same project_id, name, and confirmation_token within ${r.expires_in_seconds}s to execute.`}))}const r=pr(e.confirmation_token,t);if(!r.valid)return gt(ot(`confirmation_token rejected: ${r.reason}`))}const s=await async function(e,t,r,i){const{data:n,error:a}=await e.rpc("delete_variable_with_revision",{p_project_id:t,p_variable_id:r,p_user_id:i,p_event_source:"mcp"});if(a)throw new Error(a.message);return Boolean(n)}(t,e.project_id,i.id,r);return s?ht(rt({deleted:!0,name:e.name,referenced_by_items:a,warning:a>0?`${a} item${a>1?"s":""} still contain {${e.name}} — those references are now unresolved.`:void 0})):gt(at("Variable",e.name))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}E(Fr,{createVariableHandler:()=>Zr,deleteVariableHandler:()=>Xr,getVariableHandler:()=>Yr,listVariablesHandler:()=>Gr,updateVariableHandler:()=>Kr});var ei=I({"src/tools/variables.ts"(){Se(),hr(),bt()}}),ti={};async function ri(e,t){const{data:r}=await e.from("metadata").select("domains, levels").eq("project_id",t).maybeSingle();return{domains:r?.domains??[],levels:r?.levels??[]}}async function ii(e,t,r,i){const{error:n}=await e.from("metadata").upsert({project_id:t,domains:r,levels:i},{onConflict:"project_id"});if(n)throw new Error(n.message)}async function ni(e){try{const t=await fe(),{domains:r}=await ri(t,e.project_id),{counts:i,orphans:n}=await async function(e,t,r){const{data:i}=await e.from("items").select("data").eq("project_id",t).is("deleted_at",null),n={};for(const e of r)n[e]=0;const a={};for(const e of i??[]){const t=e.data?.tags?.domains??[];for(const e of t)a[e]=(a[e]??0)+1,e in n&&n[e]++}const s=new Set(r),o={};for(const[e,t]of Object.entries(a))s.has(e)||(o[e]=t);return{counts:n,orphans:o}}(t,e.project_id,r),a=r.map(e=>({name:e,registered:!0,item_count:i[e]??0})),s=Object.entries(n).map(([e,t])=>({name:e,registered:!1,item_count:t})).sort((e,t)=>e.name.localeCompare(t.name)),o=[...a,...s];return ht(rt({domains:o,total:o.length,registered_count:a.length,unregistered_count:s.length,note:s.length>0?`${s.length} unregistered tag(s) found on items. Use atoms_create_domain to register them, or atoms_update_item to remove them.`:void 0}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}async function ai(e){try{const t=await fe();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return gt(st("Viewer"));throw e}const{domains:r,levels:i}=await ri(t,e.project_id),n=e.name.trim().toLowerCase();return n?r.includes(n)?gt(ot(`Domain "${n}" already exists in this project.`)):(await ii(t,e.project_id,[...r,n],i),ht(rt({domain:{name:n},message:`Domain "${n}" registered. You can now tag items with domains=["${n}"].`}))):gt(ot("Domain name cannot be empty."))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}async function si(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return gt(st("Viewer"));throw e}const{domains:i,levels:n}=await ri(t,e.project_id),a=e.name.trim().toLowerCase(),s=e.new_name.trim().toLowerCase();if(!s)return gt(ot("new_name cannot be empty."));const o=i.includes(a);if(!o){const{data:r}=await t.from("items").select("id").eq("project_id",e.project_id).is("deleted_at",null).filter("data->tags->domains","cs",JSON.stringify([a])).limit(1);if(!r||0===r.length)return gt(at("Domain",a))}if(s!==a&&i.includes(s))return gt(ot(`Domain "${s}" already exists. Choose a different name.`));const{data:d,error:c}=await t.from("items").select("id, data").eq("project_id",e.project_id).is("deleted_at",null).filter("data->tags->domains","cs",JSON.stringify([a]));if(c)throw new Error(c.message);const l=(d??[]).length;if(e.dry_run)return ht(rt({dry_run:!0,rename:{from:a,to:s},items_affected:l,message:`Dry run: renaming "${a}" → "${s}" would update ${l} item${1!==l?"s":""}. Call again with dry_run=false to apply.`}));let m;m=o?i.map(e=>e===a?s:e):i.includes(s)?i:[...i,s],await ii(t,e.project_id,m,n);const{error:p}=await t.rpc("apply_domain_change",{p_project_id:e.project_id,p_old_domain:a,p_new_domain:s,p_user_id:r,p_event_source:"mcp"});if(p)throw new Error(p.message);return ht(rt({domain:{name:s},renamed_from:a,items_updated:l,message:`Domain renamed "${a}" → "${s}". ${l} item${1!==l?"s":""} updated.`}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}async function oi(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return gt(st("Viewer"));throw e}const{domains:i,levels:n}=await ri(t,e.project_id),a=e.name.trim().toLowerCase(),s=i.includes(a),{data:o,error:d}=await t.from("items").select("id, data").eq("project_id",e.project_id).is("deleted_at",null).filter("data->tags->domains","cs",JSON.stringify([a]));if(d)throw new Error(d.message);const c=(o??[]).length;if(!s&&0===c)return gt(at("Domain",a));if(c>0&&!e.force)return gt(ot(`Domain "${a}" is used by ${c} item${c>1?"s":""}. Use force=true to delete and strip the domain from all items, or re-tag them first.`));if(lr("atoms_delete_domain")){const t={tool:"atoms_delete_domain",project_id:e.project_id,target:a};if(!e.confirmation_token){const e=mr(t);return ht(rt({status:"confirmation_required",preview:{domain_name:a,items_using_count:c,would_strip_from_items:c>0},confirmation_token:e.token,expires_at:e.expires_at,expires_in_seconds:e.expires_in_seconds,message:`Re-call atoms_delete_domain with the same project_id, name, and confirmation_token within ${e.expires_in_seconds}s to execute.`}))}const r=pr(e.confirmation_token,t);if(!r.valid)return gt(ot(`confirmation_token rejected: ${r.reason}`))}const l=s?i.filter(e=>e!==a):i;if(await ii(t,e.project_id,l,n),c>0){const{error:i}=await t.rpc("apply_domain_change",{p_project_id:e.project_id,p_old_domain:a,p_new_domain:null,p_user_id:r,p_event_source:"mcp"});if(i)throw new Error(i.message)}return ht(rt({deleted:!0,name:a,items_updated:c,message:c>0?`Domain "${a}" deleted and stripped from ${c} item${c>1?"s":""}.`:`Domain "${a}" deleted.`}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}E(ti,{createDomainHandler:()=>ai,deleteDomainHandler:()=>oi,listDomainsHandler:()=>ni,updateDomainHandler:()=>si});var di=I({"src/tools/domains.ts"(){Se(),hr(),bt()}}),ci={};async function li(e){try{const t=await fe(),{data:r,error:i}=await t.from("projects").select("id, name").eq("id",e.project_id).is("deleted_at",null).maybeSingle(),n=r?.name??null,a=i?.message??null,{data:s,error:o}=await t.from("items").select("id, type, data").eq("project_id",e.project_id).is("deleted_at",null);if(o)throw new Error(o.message);const d=s??[];if(!n&&0===d.length){if(a)throw new Error(a);return gt(at("Project",e.project_id))}const c={requirements:0,test_cases:0,notes:0},l=[],m=[];for(const e of d)if("requirement"===e.type){c.requirements++;const t=e.data?.tags?.domains??[];m.push({id:e.id,domains:t})}else"test-case"===e.type?(c.test_cases++,l.push(e.id)):"note"===e.type&&c.notes++;const p={passed:0,failed:0,blocked:0,not_run:0};if(l.length>0){const{data:r,error:i}=await t.from("test_results").select("item_id, result, run_at").eq("project_id",e.project_id).order("run_at",{ascending:!1});if(i)throw new Error(i.message);const n=new Map;for(const e of r??[])n.has(e.item_id)||n.set(e.item_id,e.result);for(const e of l){const t=n.get(e);t&&"not-run"!==t?"passed"===t?p.passed++:"failed"===t?p.failed++:"blocked"===t?p.blocked++:p.not_run++:p.not_run++}}const{data:u,error:_}=await t.from("item_relationships").select("from_id, to_id, type").eq("project_id",e.project_id);if(_)throw new Error(_.message);const f=Ot(s??[],u??[]),h=new Set;for(const e of f)"verifies"===e.type?h.add(e.to_id):"verified_by"===e.type&&h.add(e.from_id);const g=m.filter(e=>h.has(e.id)).length,y=m.length,b={covered:g,uncovered:y-g,total:y,percent:y>0?Math.round(g/y*1e3)/10:100},w=new Map;for(const e of m){const t=e.domains.length>0?e.domains:["(untagged)"],r=h.has(e.id);for(const e of t){w.has(e)||w.set(e,{covered:0,total:0});const t=w.get(e);t.total++,r&&t.covered++}}const v=Array.from(w.entries()).sort((e,t)=>e[0].localeCompare(t[0])).map(([e,t])=>({domain:e,covered:t.covered,total:t.total,percent:t.total>0?Math.round(t.covered/t.total*1e3)/10:100})),j=new Date;j.setDate(j.getDate()-7);const{count:x,error:S}=await t.from("change_history").select("id",{count:"exact",head:!0}).eq("project_id",e.project_id).gte("changed_at",j.toISOString());if(S)throw new Error(S.message);return ht(rt({project_id:e.project_id,project_name:n??`Project ${e.project_id.slice(0,8)}`,counts:c,test_status:p,coverage:b,coverage_by_domain:v,recent_changes:x??0,last_updated:(new Date).toISOString()}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}E(ci,{projectSummaryHandler:()=>li});var mi,pi=I({"src/tools/project-summary.ts"(){Se(),Ut(),bt()}}),ui={};async function _i(e){try{const t=await fe();let r,i;if(e.query&&e.query.trim().length>0){const n=await Et(t,e.project_id,e.query,{type:e.type,limit:e.limit});r=n.items.map(e=>({id:e.id,title:e.title,type:e.type,status:e.data?.status,domains:e.data?.tags?.domains??[],level:e.data?.tags?.level})),i=n.totalCount}else{const n=await vt(t,e.project_id,{type:e.type,domain:e.domain,level:e.level,limit:e.limit,offset:e.offset});r=n.items.map(e=>({id:e.id,title:e.title,type:e.type,status:e.data?.status,domains:e.data?.tags?.domains??[],level:e.data?.tags?.level})),i=n.totalCount}const n=await async function(e,t){const{data:r,error:i}=await e.from("items").select("data").eq("project_id",t).is("deleted_at",null);if(i)throw new Error(i.message);const n=new Set,a=new Set;for(const e of r??[]){const t=e.data?.tags;if(t){const e=t.domains;if(e)for(const t of e)n.add(t);const r=t.level;r&&a.add(r)}}return{domains:[...n].sort(),levels:[...a].sort()}}(t,e.project_id);return ht(rt({items:r,filters:{domains:n.domains,levels:n.levels,types:mi},project_id:e.project_id},it(i,e.limit,e.offset)))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}E(ui,{browseHandler:()=>_i});var fi,hi,gi,yi,bi=I({"src/tools/browse.ts"(){Se(),Ut(),bt(),mi=["requirement","test-case","note","table"]}}),wi={};async function vi(e){try{const t=e.direction??"downstream",r=null!=e.depth?Math.min(Math.max(e.depth,1),20):null,i=await fe(),n=await jt(i,e.project_id,e.item_id);if(!n)return gt(at("Item",e.item_id));const{data:a,error:s}=await i.from("item_relationships").select("from_id, to_id, type").eq("project_id",e.project_id);if(s)throw new Error(s.message);const{data:o,error:d}=await i.from("items").select("id, title, type").eq("project_id",e.project_id).is("deleted_at",null);if(d)throw new Error(d.message);const c=new Map;for(const e of o??[])c.set(e.id,{title:e.title,type:e.type});const l=new Map,m=(e,t,r)=>{l.has(e)||l.set(e,[]),l.get(e).push({neighbor:t,relType:r})};for(const e of a??[]){const r=e.type;"upstream"!==t&&"both"!==t||(hi.includes(r)&&m(e.from_id,e.to_id,r),gi.includes(r)&&m(e.to_id,e.from_id,yi[r]??r)),"downstream"!==t&&"both"!==t||(gi.includes(r)&&m(e.from_id,e.to_id,r),hi.includes(r)&&m(e.to_id,e.from_id,yi[r]??r)),"related"===r&&(m(e.from_id,e.to_id,"related"),m(e.to_id,e.from_id,"related"))}const p=new Set;p.add(e.item_id);const u=[];let _=0;const f=[];for(const t of l.get(e.item_id)??[])f.push({id:t.neighbor,depth:1,path:[{from_id:e.item_id,to_id:t.neighbor,relationship_type:t.relType}]});for(;f.length>0&&u.length<fi;){const{id:e,depth:t,path:i}=f.shift();if(p.has(e))continue;if(null!==r&&t>r)continue;p.add(e);const n=c.get(e);if(n&&(u.push({item_id:e,title:ft(n.title),type:n.type,depth:t,relationship_path:i}),t>_&&(_=t),null===r||t<r))for(const r of l.get(e)??[])p.has(r.neighbor)||f.push({id:r.neighbor,depth:t+1,path:[...i,{from_id:e,to_id:r.neighbor,relationship_type:r.relType}]})}let h=0;if(e.include_variable_refs){const{data:t}=await i.from("variable_references").select("variable_id").eq("item_id",e.item_id).eq("project_id",e.project_id),r=[...new Set((t??[]).map(e=>e.variable_id))];if(r.length>0){const{data:t}=await i.from("project_variables").select("id, name").in("id",r),n=new Map((t??[]).map(e=>[e.id,e.name])),{data:a}=await i.from("variable_references").select("variable_id, item_id").in("variable_id",r).eq("project_id",e.project_id).neq("item_id",e.item_id);for(const t of a??[]){const r=t.item_id;if(p.has(r))continue;if(u.length>=fi)break;p.add(r);const i=c.get(r);if(!i)continue;const a=n.get(t.variable_id)??t.variable_id;u.push({item_id:r,title:ft(i.title),type:i.type,depth:1,relationship_path:[{from_id:e.item_id,to_id:r,relationship_type:`variable_ref:${a}`}]}),h++}}}const g={};for(const e of u)g[e.type]=(g[e.type]??0)+1;const y=c.get(e.item_id);return ht(rt({root:{item_id:e.item_id,title:ft(y?.title??n.title),type:y?.type??n.type},impacted_items:u,summary:{total_impacted:u.length,by_type:g,max_depth_reached:_,...h>0?{variable_impact_count:h}:{},...u.length>=fi?{truncated:!0}:{}}}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):gt(_t(e instanceof Error?e.message:String(e)))}}E(wi,{impactAnalysisHandler:()=>vi});var ji=I({"src/tools/impact-analysis.ts"(){Se(),Ut(),bt(),fi=200,hi=["parent","verifies","traces_to","allocated_from","decomposed_from"],gi=["child","verified_by","allocated_to","decomposes_to","traced_by"],yi={parent:"child",child:"parent",verifies:"verified_by",verified_by:"verifies",related:"related",traces_to:"traced_by",traced_by:"traces_to",allocated_to:"allocated_from",allocated_from:"allocated_to",decomposes_to:"decomposed_from",decomposed_from:"decomposes_to"}}}),xi={};function Si(e){return e instanceof Error&&e.message.includes("Not authenticated")?gt(dt()):null}async function ki(e,t,r,i){if(await async function(e,t,r,i){const{error:n}=await e.from("item_relationships").delete().eq("project_id",t).eq("from_id",r);if(n)throw new Error(n.message);const a=function(e,t,r){const i=r.relationships??{},n=[],a=(r,i)=>{if(Array.isArray(r))for(const a of r)"string"==typeof a&&a.length>0&&a!==t&&n.push({from_id:t,to_id:a,type:i,project_id:e})};return a(i.parents,"parent"),a(i.children,"child"),a(i.related,"related"),a(i.verified_by,"verified_by"),a(i.verifies,"verifies"),n}(t,r,i);if(0===a.length)return;const s=Array.from(new Set(a.map(e=>e.to_id))),{data:o,error:d}=await e.from("items").select("id").eq("project_id",t).is("deleted_at",null).in("id",s);if(d)throw new Error(d.message);const c=new Set((o??[]).map(e=>e.id)),l=a.filter(e=>c.has(e.to_id));if(0===l.length)return;const{error:m}=await e.from("item_relationships").insert(l);if(m)throw new Error(m.message)}(e,t,r.id,r.data),"test-case"===r.type){const{error:n}=await e.rpc("sync_test_results_for_item",{p_project_id:t,p_item_id:r.id,p_actor_user_id:i});if(n)throw new Error(n.message)}}async function Ii(e,t,r,i){await e.from("change_history").insert({item_id:r.id,project_id:t,changed_by:i,event_type:"restored",old_data:r.oldData,new_data:r.data,actor:Bi(),session_id:Fi()}).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: change_history log failed: ${e.message}\n`)})}async function Ei(e,t,r){const{data:i,error:n}=await e.from("projects").select("org_id").eq("id",t).maybeSingle();if(n)return gt(_t(n.message));if(!i)return gt(at("Project",t));const{data:a,error:s}=await e.from("organizations").select("feature_flags").eq("id",i.org_id).maybeSingle();return s?gt(_t(s.message)):!0!==(a?.feature_flags??{})[r]?gt(nt(`Feature '${r}' is not enabled for this organization`,["Ask an org admin to enable the flag in Org Settings."])):null}async function Oi(e){try{const t=await fe(),r=await async function(e,t){const{data:r,error:i}=await e.from("baselines").select("id, project_id, name, description, snapshot_at, created_at, created_by, locked_at, locked_by").eq("project_id",t).is("deleted_at",null).order("snapshot_at",{ascending:!1});if(i)throw new Error(`listBaselines: ${i.message}`);return r??[]}(t,e.project_id),i=Math.max(e.offset??0,0),n=Math.min(Math.max(e.limit??50,1),100);return ht(rt({baselines:r.slice(i,i+n).map(e=>({id:e.id,name:e.name,description:e.description,snapshot_at:e.snapshot_at,created_at:e.created_at,created_by:e.created_by,locked:null!==e.locked_at,locked_at:e.locked_at})),total:r.length,offset:i,limit:n}))}catch(e){return Si(e)??gt(_t(e instanceof Error?e.message:String(e)))}}async function Ti(e){try{const t=await fe(),r=await Ei(t,e.project_id,"baselines_enabled");if(r)return r;const{data:i,error:n}=await t.from("baselines").insert({project_id:e.project_id,name:e.name.trim(),description:e.description??null,snapshot_at:(new Date).toISOString()}).select().single();return n?"23505"===n.code?gt(nt(`Baseline name "${e.name}" already exists in this project`,["Pick a different name"])):gt(_t(n.message)):ht(rt({id:i.id,name:i.name,description:i.description,snapshot_at:i.snapshot_at,created_at:i.created_at,locked:!1}))}catch(e){return Si(e)??gt(_t(e instanceof Error?e.message:String(e)))}}async function Ui(e){try{const t=await fe(),r=await St(t,e.baseline_id);if(!r)return gt(at("Baseline",e.baseline_id));const i=await Ei(t,r.project_id,"baselines_enabled");if(i)return i;if(null!==r.locked_at)return gt(nt("Baseline is already locked",["Locks are one-way; nothing to do"]));const{data:n}=await t.from("projects").select("org_id").eq("id",r.project_id).maybeSingle();if(!n)return gt(at("Project",r.project_id));const{data:a}=await t.auth.getUser(),s=a?.user?.id;if(!s)return gt(dt());const{data:o}=await t.from("org_members").select("role").eq("user_id",s).eq("org_id",n.org_id).maybeSingle();if(!o||"admin"!==o.role)return gt(nt("Only admins can lock baselines",["Ask an org admin to lock this baseline"]));const{data:d,error:c}=await t.from("baselines").update({locked_at:(new Date).toISOString(),locked_by:s}).eq("id",e.baseline_id).select().single();return c?gt(_t(c.message)):ht(rt({id:d.id,locked_at:d.locked_at,locked_by:d.locked_by}))}catch(e){return Si(e)??gt(_t(e instanceof Error?e.message:String(e)))}}async function Ai(e){try{const t=await fe(),[r,i]=await Promise.all([St(t,e.baseline_a_id),St(t,e.baseline_b_id)]);if(!r||!i)return gt(at("Baseline","one of the baseline_ids"));if(r.project_id!==i.project_id)return gt(nt("Both baselines must belong to the same project",["Verify both baseline_ids are from the same project_id"]));const[n,a]=await Promise.all([It(t,r.project_id,r.snapshot_at),It(t,i.project_id,i.snapshot_at)]),s=new Map(n.map(e=>[e.id,e])),o=new Map(a.map(e=>[e.id,e])),d=Array.from(new Set([...s.keys(),...o.keys()])).sort(),c=[];let l=0,m=0,p=0;for(const e of d){const t=s.get(e),r=o.get(e);if(!t&&r)l++,c.push({item_id:e,change_type:"added"});else if(t&&!r)m++,c.push({item_id:e,change_type:"removed"});else if(t&&r){const i=[];t.title!==r.title&&i.push("title"),t.type!==r.type&&i.push("type");JSON.stringify(t.data??{})!==JSON.stringify(r.data??{})&&i.push("data"),i.length>0&&(p++,c.push({item_id:e,change_type:"modified",fields_changed:i}))}}const u=Math.max(e.offset??0,0),_=Math.min(Math.max(e.limit??50,1),200),f=e.detail?c.slice(u,u+_):c.slice(u,u+_).map(({item_id:e,change_type:t,fields_changed:r})=>({item_id:e,change_type:t,fields_changed:r}));return ht(rt({summary:{added:l,removed:m,modified:p,total_compared:d.length},items:f,page_info:{offset:u,limit:_,total:c.length},baselines:{a:{id:r.id,name:r.name,snapshot_at:r.snapshot_at},b:{id:i.id,name:i.name,snapshot_at:i.snapshot_at}}}))}catch(e){return Si(e)??gt(_t(e instanceof Error?e.message:String(e)))}}async function zi(e){try{const t=await fe(),r=await St(t,e.baseline_id);if(!r)return gt(at("Baseline",e.baseline_id));const i=await Ei(t,r.project_id,"baselines_enabled");if(i)return i;const{data:n}=await t.from("projects").select("org_id").eq("id",r.project_id).maybeSingle();if(!n)return gt(at("Project",r.project_id));const{data:a}=await t.auth.getUser(),s=a?.user?.id;if(!s)return gt(dt());const{data:o}=await t.from("org_members").select("role").eq("user_id",s).eq("org_id",n.org_id).maybeSingle();if(!o||"admin"!==o.role)return gt(nt("Only admins can restore from a baseline",["Ask an org admin to run the restore"]));const d=await It(t,r.project_id,r.snapshot_at),c=d.map(e=>e.id),{data:l,error:m}=c.length>0?await t.from("items").select("*").eq("project_id",r.project_id).in("id",c):{data:[],error:null};if(m)return gt(_t(m.message));const p=function(e,t){const r=new Map(t.map(e=>[e.id,e]));return e.flatMap(e=>{const t=r.get(e.id),i=[];var n,a;return t?(null!==t.deleted_at&&i.push("deleted_at"),t.type!==e.type&&i.push("type"),t.title!==e.title&&i.push("title"),n=t.data,a=e.data,JSON.stringify(n??{})!==JSON.stringify(a??{})&&i.push("data")):i.push("missing"),0===i.length?[]:[{id:e.id,type:e.type,title:e.title,data:e.data??{},diff_summary:{changed_fields:i,restored:!0},oldData:t?.data??null}]})}(d,l??[]),{data:u,error:_}=await t.rpc("variables_at",{p_project_id:r.project_id,p_snapshot_at:r.snapshot_at});if(_)return gt(_t(_.message));const f=u??[];if(!0!==e.confirm)return ht(rt({preview:!0,items_to_restore:p.length,variables_to_restore:f.length}));let h=0;if(p.length>0){const e=p.map(({oldData:e,...t})=>t),{data:i,error:n}=await t.rpc("bulk_save_items_with_revisions",{p_project_id:r.project_id,p_items:e,p_user_id:s,p_event_source:"restore"});if(n)return gt(_t(n.message));h="number"==typeof i?i:p.length;for(const e of p)await ki(t,r.project_id,e,s),await Ii(t,r.project_id,e,s)}if(f.length>0){const{error:e}=await t.rpc("bulk_save_variables_with_revisions",{p_project_id:r.project_id,p_variables:f,p_user_id:s,p_event_source:"restore"});if(e)return gt(_t(e.message))}return ht(rt({ok:!0,items_restored:h,variables_restored:f.length}))}catch(e){return Si(e)??gt(_t(e instanceof Error?e.message:String(e)))}}E(xi,{createBaselineHandler:()=>Ti,diffBaselinesHandler:()=>Ai,listBaselinesHandler:()=>Oi,lockBaselineHandler:()=>Ui,restoreBaselineHandler:()=>zi});var Hi,Di,Ri,Ci,Pi,Mi,qi,$i,Ni=I({"src/tools/baselines.ts"(){Se(),Qi(),bt(),Ut()}}),Li={};function Wi(e){L(e.toolName)&&function(e,t){const r=`ui://${t.toolName}/${t.htmlFile}`,i=function(e,t){const r=s.fileURLToPath("undefined"==typeof document?require("url").pathToFileURL(__filename).href:p&&"SCRIPT"===p.tagName.toUpperCase()&&p.src||new URL("index.cjs",document.baseURI).href),i=j.default.dirname(r);return j.default.resolve(i,"apps","src","apps",e,t)}(t.appName,t.htmlFile),n=[...yt.resourceDomains,...t.extraResourceDomains??[]];o.registerAppTool(e,t.toolName,{title:t.title,description:t.description,inputSchema:t.inputSchema,annotations:t.annotations,_meta:{ui:{resourceUri:r}}},t.handler),o.registerAppResource(e,`${t.title} UI`,r,{mimeType:o.RESOURCE_MIME_TYPE},async()=>{const e=await v.default.readFile(i,"utf-8");return{contents:[{uri:r,mimeType:o.RESOURCE_MIME_TYPE,text:e,_meta:{ui:{csp:{resourceDomains:n}}}}]}})}(Ci,e)}function Vi(e,t){return async r=>{const i=U(M(),e);if(!i.allowed)return gt(nt(`Tool ${e} is blocked by org policy.`,[z(i.reason),"Contact your org admin to adjust the MCP access policy."]));try{!function(e){const t=We();if(!t)return;if("object"!=typeof e||null===e)return;const r=e.project_id;if("string"==typeof r&&r!==t)throw new $e(t,r)}(r)}catch(e){if(e instanceof $e)return gt(lt(e.expectedProjectId));throw e}{const e=M(),t=r?.project_id;if(null!==e.project_scope&&"string"==typeof t&&!e.project_scope.includes(t))return gt(nt("Tool call rejected: project_id is outside your org's MCP project scope.",[`Allowed projects: ${e.project_scope.length} project${1===e.project_scope.length?"":"s"} configured by your admin`,"Use atoms_list_projects to see which projects you can access in this session"]))}let n,a;try{a=await fe(),n=be()}catch{return t(r)}const s=await async function(e,t){const r=parseInt(process.env.ATOMS_RATE_LIMIT_RPM??"",10)||Ce,i=new Date,n=new Date(i.getTime()-Pe);try{const{count:a,error:s}=await t.from("mcp_rate_limits").select("id",{count:"exact",head:!0}).eq("user_id",e).gte("requested_at",n.toISOString());if(s)throw new Error(s.message);if((a??0)>=r){const{data:r,error:a}=await t.from("mcp_rate_limits").select("requested_at").eq("user_id",e).gte("requested_at",n.toISOString()).order("requested_at",{ascending:!0}).limit(1).maybeSingle();if(a)throw new Error(a.message);const s=(r?new Date(r.requested_at).getTime():i.getTime())+Pe-i.getTime();return{allowed:!1,retryAfterSeconds:Math.max(1,Math.ceil(s/1e3))}}t.from("mcp_rate_limits").insert({user_id:e,requested_at:i.toISOString()}).then(({error:e})=>{e&&process.stderr.write(`[rate-limiter] insert failed: ${e.message}\n`)});const o=new Date(i.getTime()-2*Pe);return t.from("mcp_rate_limits").delete().eq("user_id",e).lt("requested_at",o.toISOString()).then(()=>{}),{allowed:!0}}catch(e){return process.stderr.write(`[rate-limiter] DB check failed (${e instanceof Error?e.message:String(e)}), falling back to allow.\n`),{allowed:!0}}}(n,a);if(!s.allowed)return gt(mt(s.retryAfterSeconds));if("1"===process.env.ATOMS_MCP_LOCKDOWN||"true"===process.env.ATOMS_MCP_LOCKDOWN){const e=r?.project_id;if("string"==typeof e)try{const{requireWriteAccess:t}=await Promise.resolve().then(()=>(Se(),_e));await t(a,e)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message){const{accessDeniedError:e}=await Promise.resolve().then(()=>(bt(),Xe));return gt(e("Viewer (lockdown mode: read access requires editor or admin)"))}}}const o=function(){const e=performance.now();return()=>Math.round(performance.now()-e)}();let d,c="success";try{const e=await t(r),i=e;if(!0===i?.isError){c="error";const e=i?.content;if(e?.[0]?.text)try{d=JSON.parse(e[0].text).message}catch{}}return e}catch(e){throw c="error",d=e instanceof Error?e.message:String(e),e}finally{const t={tool_name:e,params:r,status:c,duration_ms:o(),error_msg:d,project_id:r.project_id,session_id:Mi,client_name:qi};try{!function(e,t,r){const i=Re(r.params);e.from("mcp_audit_log").insert({user_id:t,tool_name:r.tool_name,params:i,status:r.status,duration_ms:r.duration_ms,error_msg:r.error_msg??null,project_id:r.project_id??null,session_id:r.session_id??null,client_name:r.client_name??null}).then(({error:e})=>{e&&process.stderr.write(`[audit] Failed to log: ${e.message}\n`)})}(await fe(),n,t)}catch{}}}}function Fi(){return Mi}function Bi(){return $i}function Ji(){return qi}E(Li,{ATOMS_MCP_SERVER_VERSION:()=>Ri,getMcpActor:()=>Bi,getMcpClientName:()=>Ji,getMcpSessionId:()=>Fi,server:()=>Ci});var Qi=I({"src/server.ts"(){Ne(),Le(),F(),Fe(),q(),C(),Ze(),Se(),bt(),wt(),Hi=l.createRequire("undefined"==typeof document?require("url").pathToFileURL(__filename).href:p&&"SCRIPT"===p.tagName.toUpperCase()&&p.src||new URL("index.cjs",document.baseURI).href),Di=Hi("../package.json"),Ri=Di.version,Ci=new d.McpServer({name:"atoms-mcp-server",version:Ri}),Pi=(e,t,r)=>{if(L(e))return Ci.registerTool(e,t,r)},Mi=a.randomUUID(),qi=Be(process.env.ATOMS_CLIENT_NAME),$i=function(){const e=Be(qi);return"cursor"===e?"mcp_cursor":"copilot"===e?"mcp_copilot":"mcp_claude"}(),Pi("atoms_status",{title:"ATOMS MCP Health Check",description:'Check the health and authentication status of the ATOMS MCP server.\n\nCall this FIRST if other atoms tools fail or return auth errors.\nThis tool works WITHOUT authentication — it checks whether credentials\nexist and are valid, and tells the user exactly what to do if not.\n\nArgs: None\n\nReturns:\n { status: "authenticated"|"not_authenticated"|"expired", email, message, next_steps }\n\nExamples:\n - "Is ATOMS MCP working?" → atoms_status()\n - "Why are atoms tools failing?" → atoms_status()',inputSchema:{},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},async()=>{try{const{readCredentials:e,isTokenValid:t}=await Promise.resolve().then(()=>(re(),B)),r=await e();if(!r)return{content:[{type:"text",text:JSON.stringify({status:"not_authenticated",message:"No ATOMS credentials found. You need to login first.",next_steps:["1. Open a terminal on your machine","2. Run: npx @atoms-tech/atoms-mcp login","3. Complete the login in your browser","4. Restart Claude Desktop (quit and reopen)","5. Try your query again"]},null,2)}]};if(!t(r))try{const{getValidToken:e}=await Promise.resolve().then(()=>(ue(),ae)),{email:t}=await e(),{invalidateClient:r}=await Promise.resolve().then(()=>(Se(),_e));return r(),{content:[{type:"text",text:JSON.stringify({status:"authenticated",email:t,message:"Token was expired but has been refreshed. You're good to go!"},null,2)}]}}catch{return{content:[{type:"text",text:JSON.stringify({status:"expired",email:r.user_email??"unknown",message:"Your session has expired and could not be refreshed.",next_steps:["1. Open a terminal on your machine","2. Run: npx @atoms-tech/atoms-mcp logout","3. Run: npx @atoms-tech/atoms-mcp login","4. Complete the login in your browser","5. Restart Claude Desktop (quit and reopen)"]},null,2)}]}}return{content:[{type:"text",text:JSON.stringify({status:"authenticated",email:r.user_email??"unknown",message:"ATOMS MCP is connected and authenticated. All tools are ready."},null,2)}]}}catch(e){return{content:[{type:"text",text:JSON.stringify({status:"error",message:`Health check failed: ${e instanceof Error?e.message:String(e)}`,next_steps:["1. Open a terminal","2. Run: npx @atoms-tech/atoms-mcp login","3. Restart Claude Desktop"]},null,2)}]}}}),Pi("atoms_list_projects",{title:"List ATOMS Projects",description:'List all projects the authenticated user has access to.\n\nThis is the ENTRY POINT tool. Call this first to discover project IDs,\nthen use those IDs with all other tools.\n\nArgs: None\n\nReturns:\n { status: "success", data: [{ id, name, description, org_id, created_at }] }\n\nExamples:\n - "What projects do I have?" → atoms_list_projects()\n - "Show my projects" → atoms_list_projects()\n\nWorkflow:\n atoms_list_projects → atoms_list_items(project_id) → atoms_get_item(project_id, item_id)',inputSchema:{},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Vi("atoms_list_projects",async()=>{const{listProjectsHandler:e}=await Promise.resolve().then(()=>(Ht(),At));return e()})),Pi("atoms_list_items",{title:"List ATOMS Items",description:'List items in an ATOMS project with optional type/domain/level filters.\n\nThis is the primary ENTRY POINT for discovering items. Use it to browse\nproject contents before drilling into specific items with atoms_get_item.\n\nArgs:\n - project_id (string, UUID): The project to list items from\n - type (string, optional): Filter: requirement|test-case|note|table\n - domain (string, optional): Filter by domain tag\n - level (string, optional): Filter by level (System, Subsystem, Component)\n - limit (number, optional): Max results, 1-200 (default 50)\n - offset (number, optional): Pagination offset (default 0)\n\nReturns:\n { status: "success", data: [{ id, title, type, status, domains, level }], meta: { total_count, limit, offset, has_more } }\n\nExamples:\n - "Show me all requirements" → atoms_list_items(project_id, type="requirement")\n - "What test cases exist?" → atoms_list_items(project_id, type="test-case")\n\nErrors:\n - "Project not found" → verify project_id\n - "Access denied" → check org membership',inputSchema:{project_id:c.z.string().uuid("Must be a valid project UUID").describe("UUID of the project"),type:c.z.enum(["requirement","test-case","note","table"]).optional().describe("Filter by item type"),domain:c.z.string().max(64).optional().describe("Filter by domain tag (e.g., 'Safety', 'Performance')"),level:c.z.string().max(32).optional().describe("Filter by level (System, Subsystem, Component)"),limit:c.z.number().int().min(1).max(200).default(50).describe("Max results (default 50, max 200)"),offset:c.z.number().int().min(0).default(0).describe("Pagination offset (default 0)"),baseline_id:c.z.string().uuid().optional().describe("Optional baseline UUID. Returns items as they were at that baseline's moment. Mutually exclusive with as_of."),as_of:c.z.string().datetime().optional().describe("Optional ISO 8601 timestamp. Returns items as they were at that moment. Mutually exclusive with baseline_id.")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Vi("atoms_list_items",async e=>{const{listItemsHandler:t}=await Promise.resolve().then(()=>(Ct(),Dt));return t(e)})),Pi("atoms_get_item",{title:"Get ATOMS Item Details",description:'Get full details of a single item including relationships, test history, and ownership.\n\nUse after atoms_list_items or atoms_search to drill into a specific item.\n\nArgs:\n - project_id (string, UUID): The project containing the item\n - item_id (string): Item ID (e.g., "REQ-001", "TC-050")\n\nReturns:\n Full WorkItem with relationships, test runs, ownership, metadata.\n\nExamples:\n - "Show me requirement REQ-001" → atoms_get_item(project_id, "REQ-001")\n - "Get test case details" → atoms_get_item(project_id, "TC-050")',inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),item_id:c.z.string().min(1).max(20).describe("Item ID (e.g., REQ-001)"),baseline_id:c.z.string().uuid().optional().describe("Optional baseline UUID. Returns the item as it was at that baseline's moment. Mutually exclusive with as_of."),as_of:c.z.string().datetime().optional().describe("Optional ISO 8601 timestamp. Returns the item as it was at that moment. Mutually exclusive with baseline_id.")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Vi("atoms_get_item",async e=>{const{getItemHandler:t}=await Promise.resolve().then(()=>(qt(),Pt));return t(e)})),Pi("atoms_search",{title:"Search ATOMS Items",description:'Full-text search across items in a project. Searches title, body, and summary.\n\nAlternative entry point to atoms_list_items when you know what you\'re looking for.\n\nArgs:\n - project_id (string, UUID): The project to search in\n - query (string): Search text (max 1000 chars)\n - type (string, optional): Filter by type\n - asset (string, optional): Filter to items with at least one run on the given asset\n (VIN, module, lot, ...). Case-sensitive exact match.\n - limit (number, optional): Max results, 1-100 (default 25)\n\nReturns:\n Matching items with @basic fields, ranked by relevance.\n\nExamples:\n - "Find braking requirements" → atoms_search(project_id, "braking system")\n - "Search for safety tests" → atoms_search(project_id, "safety", type="test-case")\n - "Tests that ran on this VIN" → atoms_search(project_id, "", asset="WEV...0005")',inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),query:c.z.string().min(1).max(1e3).describe("Search text"),type:c.z.enum(["requirement","test-case","note","table"]).optional().describe("Filter by item type"),asset:c.z.string().max(200).optional().describe("Filter to items with at least one run on this asset (case-sensitive exact)"),limit:c.z.number().int().min(1).max(100).default(25).describe("Max results (default 25, max 100)"),baseline_id:c.z.string().uuid().optional().describe("Optional baseline UUID. Searches within the project state at that baseline's moment.")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Vi("atoms_search",async e=>{const{searchHandler:t}=await Promise.resolve().then(()=>(Lt(),$t));return t(e)})),Pi("atoms_semantic_search",{title:"Semantic Search ATOMS Items",description:'Meaning-based search across items using pgvector embeddings (GTE-small, 384d).\n\nUse when atoms_search (exact/substring) misses conceptually related items.\nBest for natural-language concept queries; atoms_search is better for exact phrases or IDs.\n\nArgs:\n - project_id (string, UUID): The project to search in\n - query (string): Natural-language concept query (max 1000 chars)\n - type (string, optional): Filter by type\n - limit (number, optional): Max results, 1-50 (default 10)\n\nReturns:\n Semantically similar items ranked by cosine similarity.\n\nExamples:\n - "Find braking-related requirements" → atoms_semantic_search(project_id, "braking deceleration stopping distance")\n - "Safety-related test cases" → atoms_semantic_search(project_id, "hazard risk mitigation safety", type="test-case")',inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),query:c.z.string().min(1).max(1e3).describe("Natural-language concept query"),type:c.z.enum(["requirement","test-case","note","table"]).optional().describe("Filter by item type"),limit:c.z.number().int().min(1).max(50).default(10).describe("Max results (default 10, max 50)")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Vi("atoms_semantic_search",async e=>{const{semanticSearchHandler:t}=await Promise.resolve().then(()=>(Ft(),Wt));return t(e)})),Wi({appName:"coverage",htmlFile:"coverage-app.html",toolName:"atoms_get_coverage",title:"Get Test Coverage Report",description:'Find requirements without linked test cases (coverage gaps).\n\nEssential for compliance reporting in safety-critical industries.\n\nIn MCP App hosts (Claude, ChatGPT), renders a visual coverage heatmap.\nFalls back to JSON for non-UI clients.\n\nArgs:\n - project_id (string, UUID): The project to analyze\n - domain (string, optional): Filter by domain\n - level (string, optional): Filter by level\n - baseline_id (string, UUID, optional): coverage at that baseline\'s moment\n - as_of (string ISO 8601, optional): coverage at that moment\n baseline_id and as_of are mutually exclusive.\n\nReturns:\n { covered, uncovered, total, coverage_percent, uncovered_items: [...] }\n\nExamples:\n - "What\'s our test coverage?" → atoms_get_coverage(project_id)\n - "Safety coverage gaps?" → atoms_get_coverage(project_id, domain="Safety")\n - "Coverage at PDR submission" → atoms_get_coverage(project_id, baseline_id="...")',inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),domain:c.z.string().max(64).optional().describe("Filter by domain tag"),level:c.z.string().max(32).optional().describe("Filter by level"),baseline_id:c.z.string().uuid().optional().describe("Compute coverage as of this baseline's snapshot moment"),as_of:c.z.string().datetime().optional().describe("Compute coverage as of this ISO 8601 moment")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1},handler:Vi("atoms_get_coverage",async e=>{const{getCoverageHandler:t}=await Promise.resolve().then(()=>(Qt(),Bt));return t(e)})}),Pi("atoms_get_history",{title:"Get Item Change History",description:"Audit trail for an item — who changed what, when, and whether it was human or AI.\n\nShows actor attribution (user vs mcp_<client>) and session grouping.\n\nArgs:\n - project_id (string, UUID): The project containing the item\n - item_id (string): Item ID\n - limit (number, optional): Max entries (default 20, max 100)\n\nReturns:\n Change entries with actor, session_id, event_type, changed_at, fields_changed.",inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),item_id:c.z.string().min(1).max(20).describe("Item ID"),limit:c.z.number().int().min(1).max(100).default(20).describe("Max entries (default 20)")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Vi("atoms_get_history",async e=>{const{getHistoryHandler:t}=await Promise.resolve().then(()=>(Kt(),Gt));return t(e)})),Wi({appName:"mermaid",htmlFile:"mermaid-app.html",toolName:"atoms_export_mermaid",title:"Export Mermaid Diagram",description:"Generate a Mermaid diagram of the requirement/test hierarchy.\n\nOutput is paste-ready for markdown docs. Shows parent-child relationships\nand requirement-to-test-case verification links.\n\nIn MCP App hosts (Claude, ChatGPT), renders an interactive pan/zoom diagram.\nFalls back to Mermaid text for non-UI clients.\n\nArgs:\n - project_id (string, UUID): The project to visualize\n - root_item_id (string, optional): Start node (default: all roots)\n - depth (number, optional): Max depth (default 3, max 10)\n - include_tests (boolean, optional): Show test case links (default true)\n - baseline_id (string, UUID, optional): render the graph at that baseline's moment\n - as_of (string ISO 8601, optional): render the graph at that moment\n baseline_id and as_of are mutually exclusive.\n\nReturns:\n Mermaid graph string.",inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),root_item_id:c.z.string().max(20).optional().describe("Root item ID to start from"),depth:c.z.number().int().min(1).max(10).default(3).describe("Max depth"),include_tests:c.z.boolean().default(!0).describe("Include test case links"),baseline_id:c.z.string().uuid().optional().describe("Render the graph as of this baseline's snapshot moment"),as_of:c.z.string().datetime().optional().describe("Render the graph as of this ISO 8601 moment")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1},extraResourceDomains:["cdn.jsdelivr.net","mermaid.ink"],handler:Vi("atoms_export_mermaid",async e=>{const{exportMermaidHandler:t}=await Promise.resolve().then(()=>(tr(),Zt));return t(e)})}),Pi("atoms_create_item",{title:"Create ATOMS Item",description:"Create a new requirement, test case, or note in a project.\n\nRequires editor or admin role. Changes are logged with AI actor attribution.\n\nArgs:\n - project_id (string, UUID): Target project\n - type (string): requirement|test-case|note\n - title (string): Item title (max 500 chars)\n - body (string, optional): Rich text body\n - summary (string, optional): Brief summary\n - domains (string[], optional): Domain tags\n - level (string, optional): System|Subsystem|Component\n - parent_ids (string[], optional): Parent item IDs to link\n\nReturns:\n Created item with generated ID (e.g., \"REQ-058\")\n\nSide effects:\n - Logs to change_history with actor='mcp_<client>'\n - Creates relationships if parent_ids provided",inputSchema:{project_id:c.z.string().uuid().describe("UUID of the target project"),type:c.z.enum(["requirement","test-case","note"]).describe("Item type"),title:c.z.string().min(1).max(500).describe("Item title"),body:c.z.string().max(5e4).optional().describe("Rich text body"),summary:c.z.string().max(2e3).optional().describe("Brief summary"),domains:c.z.array(c.z.string().max(64)).max(20).optional().describe("Domain tags"),level:c.z.string().max(32).optional().describe("System|Subsystem|Component"),parent_ids:c.z.array(c.z.string().max(20)).max(50).optional().describe("Parent item IDs to link"),echo:c.z.boolean().optional().describe("false → lean {id,type} response, saves ~580 tokens")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!1,openWorldHint:!1}},Vi("atoms_create_item",async e=>{const{createItemHandler:t}=await Promise.resolve().then(()=>(nr(),rr));return t(e)})),Pi("atoms_update_item",{title:"Update ATOMS Item",description:"Update an existing item's fields. Only provided fields are changed.\n\nRequires editor or admin role. Logs old/new data diff to change history.\n\nArgs:\n - project_id (string, UUID): Project containing the item\n - item_id (string): Item to update\n - title, body, summary, domains, level, status: Fields to update (all optional)\n - expected_updated_at (string, optional): Pass metadata.updated_at from atoms_get_item to reject stale writes\n\nReturns:\n Updated item.",inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),item_id:c.z.string().min(1).max(20).optional().describe("Item ID (single form)"),title:c.z.string().min(1).max(500).optional().describe("New title"),body:c.z.string().max(5e4).optional().describe("New body"),summary:c.z.string().max(2e3).optional().describe("New summary"),domains:c.z.array(c.z.string().max(64)).max(20).optional().describe("New domain tags"),level:c.z.string().max(32).optional().describe("New level"),status:c.z.enum(["passed","failed","blocked","not-run"]).optional().describe("Test case status"),expected_updated_at:c.z.string().datetime().optional().describe("metadata.updated_at value from atoms_get_item; rejects stale writes"),echo:c.z.boolean().optional().describe("false → lean {id,updated_fields} response, saves ~580 tokens"),reason:c.z.string().max(500).optional().describe("Change rationale, persisted in audit history"),updates:c.z.array(c.z.object({item_id:c.z.string().min(1).max(20),title:c.z.string().min(1).max(500).optional(),body:c.z.string().max(5e4).optional(),summary:c.z.string().max(2e3).optional(),domains:c.z.array(c.z.string().max(64)).max(20).optional(),level:c.z.string().max(32).optional(),status:c.z.enum(["passed","failed","blocked","not-run"]).optional(),expected_updated_at:c.z.string().datetime().optional()})).optional().describe("Array form: update many items in one call"),idempotency_key:c.z.string().max(128).optional().describe("Safe retry key (24h TTL)"),continue_on_error:c.z.boolean().optional().describe("Allow partial success (default false = atomic)")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Vi("atoms_update_item",async e=>{const{updateItemHandler:t}=await Promise.resolve().then(()=>(cr(),ar));return t(e)})),Pi("atoms_delete_item",{title:"Delete ATOMS Item",description:'Soft-delete an item (sets deleted_at, preserves for audit trail).\n\nRequires editor or admin role. The item is never truly removed.\n\nWhen ATOMS_MCP_REQUIRE_CONFIRMATION is set on the server, this tool uses a\ntwo-step flow: the first call returns a preview + confirmation_token; the\nsecond call (with the token) executes. Tokens expire in 60s and are bound\nto (tool, project_id, item_id).\n\nArgs:\n - project_id (string, UUID): Project containing the item\n - item_id (string): Item to delete\n - confirmation_token (string, optional): Token from a prior preview call\n\nReturns:\n Confirmation with deleted item summary, or { status: "confirmation_required",\n preview, confirmation_token } when the confirmation gate is active.',inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),item_id:c.z.string().min(1).max(20).describe("Item ID to soft-delete"),confirmation_token:c.z.string().max(500).optional().describe("Token from a prior preview call (only used when ATOMS_MCP_REQUIRE_CONFIRMATION is set)")},annotations:{readOnlyHint:!1,destructiveHint:!0,idempotentHint:!0,openWorldHint:!1}},Vi("atoms_delete_item",async e=>{const{deleteItemHandler:t}=await Promise.resolve().then(()=>(br(),gr));return t(e)})),Pi("atoms_restore_item",{title:"Restore ATOMS Item",description:'Undo a soft-delete — restores an item that was previously deleted with atoms_delete_item.\n\nOnly works on items that have been soft-deleted (still in the database with deleted_at set).\nHas no effect if the item is not deleted. Logs the restoration to change_history.\n\nArgs:\n - project_id (string, UUID): Project containing the item\n - item_id (string): ID of the deleted item to restore\n\nReturns:\n Confirmation with the restored item\'s title and type.\n\nExamples:\n - "Restore the deleted requirement REQ-042" → atoms_restore_item(project_id, "REQ-042")',inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),item_id:c.z.string().max(256).describe("ID of the soft-deleted item to restore")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Vi("atoms_restore_item",async e=>{const{restoreItemHandler:t}=await Promise.resolve().then(()=>(jr(),wr));return t(e)})),Pi("atoms_link_items",{title:"Link ATOMS Items",description:"Add or remove relationships between items.\n\nSupports: parent, child, related, verifies, verified_by.\nUpdates both items' JSONB data and the shadow table.\n\nArgs:\n - project_id (string, UUID): Project containing both items\n - from_id (string): Source item\n - to_id (string): Target item\n - type (string): parent|child|related|verifies|verified_by\n - action (string): add|remove\n - expected_from_updated_at / expected_to_updated_at (string, optional): pass metadata.updated_at values from atoms_get_item to reject stale link commands\n\nReturns:\n Updated relationship state for both items.",inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),from_id:c.z.string().min(1).max(20).optional().describe("Source item ID (single form)"),to_id:c.z.string().min(1).max(20).optional().describe("Target item ID (single form)"),type:c.z.enum(["parent","child","related","verifies","verified_by"]).optional().describe("Relationship type"),action:c.z.enum(["add","remove"]).optional().describe("Add or remove"),expected_from_updated_at:c.z.string().datetime().optional().describe("metadata.updated_at for from_id from atoms_get_item"),expected_to_updated_at:c.z.string().datetime().optional().describe("metadata.updated_at for to_id from atoms_get_item"),echo:c.z.boolean().optional().describe("false → lean response"),reason:c.z.string().max(500).optional().describe("Change rationale, persisted in audit history"),operations:c.z.array(c.z.object({action:c.z.enum(["add","remove"]),from_id:c.z.string().min(1).max(20),to_id:c.z.string().min(1).max(20),type:c.z.enum(["parent","child","related","verifies","verified_by"]),expected_from_updated_at:c.z.string().datetime().optional(),expected_to_updated_at:c.z.string().datetime().optional()})).optional().describe("Array form: batch relationship ops. Always atomic with DAG cycle detection."),idempotency_key:c.z.string().max(128).optional().describe("Safe retry key (24h TTL)")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Vi("atoms_link_items",async e=>{const{linkItemsHandler:t}=await Promise.resolve().then(()=>(kr(),xr));return t(e)})),Wi({appName:"import",htmlFile:"import-app.html",toolName:"atoms_bulk_import",title:"Bulk Import ATOMS Items",description:"Bulk create multiple items in a single tool call. Essential for AI agents\nthat generate 20+ requirements at once.\n\nChecks write access once, generates sequential IDs, batch inserts all items,\nand reports per-item errors without aborting the entire batch.\n\nIn MCP App hosts (Claude, ChatGPT), renders an interactive results table.\nFalls back to JSON for non-UI clients.\n\nArgs:\n - project_id (string, UUID): Target project\n - items (array): Up to 100 items to create, each with:\n - type (string): requirement|test-case|note\n - title (string): Item title (max 500 chars)\n - body (string, optional): Rich text body\n - summary (string, optional): Brief summary\n - domains (string[], optional): Domain tags\n - level (string, optional): System|Subsystem|Component\n - parent_id (string, optional): Parent item ID to link\n\nReturns:\n { created: number, items: [{ id, title, type }], errors: [] }\n\nLimits:\n - Maximum 100 items per call\n - If any item fails, others still succeed — errors reported separately\n\nSide effects:\n - Logs to change_history with actor='mcp_<client>' for each created item\n - Creates parent relationships for items with parent_id",inputSchema:{project_id:c.z.string().uuid().describe("UUID of the target project"),items:c.z.array(c.z.object({type:c.z.enum(["requirement","test-case","note"]).describe("Item type"),title:c.z.string().min(1).max(500).describe("Item title"),body:c.z.string().max(5e4).optional().describe("Rich text body"),summary:c.z.string().max(2e3).optional().describe("Brief summary"),domains:c.z.array(c.z.string().max(64)).max(20).optional().describe("Domain tags"),level:c.z.string().max(32).optional().describe("System|Subsystem|Component"),parent_id:c.z.string().max(20).optional().describe("Parent item ID to link")})).min(1).max(100).describe("Items to create (1-100)"),confirmation_token:c.z.string().max(500).optional().describe("Token from a prior preview call (only used when ATOMS_MCP_REQUIRE_CONFIRMATION is set)")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!1,openWorldHint:!1},handler:Vi("atoms_bulk_import",async e=>{const{bulkImportHandler:t}=await Promise.resolve().then(()=>(Or(),Ir));return t(e)})}),Pi("atoms_record_test_result",{title:"Record Test Result",description:"Record a pass/fail/blocked result for a test case.\n\nAppends to canonical items.data.runs and projects test_results from that\nhistory. Use atoms_get_item to see all results.\n\nArgs:\n - project_id (string, UUID): Project containing the test case\n - item_id (string): Test case ID (e.g., \"TC-001\")\n - result (string): passed|failed|blocked|not-run\n - note (string, optional): Reason or comment for this result\n - asset (string, optional): Asset identifier this run was executed against\n (VIN, module ID, lot number, serial number, etc). Max 200 chars.\n Auto-trimmed; empty/whitespace is treated as omitted. If the asset\n name does not yet exist in the project, it is auto-registered.\n\nReturns:\n Recorded result with timestamp. When asset is provided, also returns\n asset_id and asset_created.\n\nSide effects:\n - Appends to items.data.runs through save_item_with_revision\n - Projects public.test_results from items.data.runs\n - Inserts into assets table if asset name is new in this project\n - Logs to change_history with actor='mcp_<client>'",inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),item_id:c.z.string().min(1).max(20).describe("Test case ID (e.g., TC-001)"),result:c.z.enum(["passed","failed","blocked","not-run"]).describe("Test result"),note:c.z.string().max(1e3).optional().describe("Reason or comment for this result"),asset:c.z.string().max(200).optional().describe("Asset identifier this run was executed against (VIN, module ID, lot, etc). Auto-registered if new.")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!1,openWorldHint:!1}},Vi("atoms_record_test_result",async e=>{const{recordTestResultHandler:t}=await Promise.resolve().then(()=>(Ar(),Tr));return t(e)})),Pi("atoms_record_test_results",{title:"Record Test Results (bulk)",description:'Record many runs on one test case in a single atomic call.\n\nOptimized for multi-asset campaigns. Each entry can have its own asset and\nresult. Asset lookup-or-create happens per entry; new asset names are\nauto-registered. Runs are appended to canonical items.data.runs, then\ntest_results is projected from that history. The whole call is one DB\ntransaction; any entry failure rolls back the rest.\n\nUse the singular atoms_record_test_result for one-off runs.\n\nArgs:\n - project_id (string, UUID): Project containing the test case\n - item_id (string): Test case ID (e.g., "TC-001")\n - results (array, 1-100 entries): Each entry has:\n - asset (string, optional): Asset identifier (VIN, module ID, lot)\n - result (string, required): passed|failed|blocked|not-run\n - note (string, optional): Run note\n - date (string, optional): ISO 8601 datetime, default now()\n\nReturns:\n Per-entry outcomes with asset_id, asset_created, run_at, ok flags.\n\nSide effects:\n - Appends to items.data.runs through save_item_with_revision\n - Projects public.test_results from items.data.runs\n - Inserts new rows into assets for any asset name not already registered\n - Logs a single change_history entry summarizing the batch',inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),item_id:c.z.string().min(1).max(20).describe("Test case ID (e.g., TC-001)"),results:c.z.array(c.z.object({asset:c.z.string().max(200).optional().describe("Asset identifier this run was executed against. Auto-registered if new."),result:c.z.enum(["passed","failed","blocked","not-run"]).describe("Test result"),note:c.z.string().max(500).optional().describe("Run note"),date:c.z.string().optional().describe("ISO 8601 datetime (default: now())")})).min(1).max(100).describe("1 to 100 result entries on this test case")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!1,openWorldHint:!1}},Vi("atoms_record_test_results",async e=>{const{recordTestResultsBulkHandler:t}=await Promise.resolve().then(()=>(Mr(),zr));return t(e)})),Wi({appName:"trace",htmlFile:"trace-app.html",toolName:"atoms_trace",title:"Trace Item Relationships",description:'Walk the traceability graph from a starting item.\n\nAnswers questions like "which requirements does TC-003 verify?" or\n"if I change REQ-001, what\'s affected downstream?"\n\nIn MCP App hosts (Claude, ChatGPT), renders an interactive graph visualization.\nFalls back to flat list for non-UI clients.\n\nArgs:\n - project_id (string, UUID): Project containing the item\n - item_id (string): Starting item ID\n - direction (string): upstream|downstream|both\n - upstream: follow parent/verifies links (dependencies)\n - downstream: follow child/verified_by links (dependents)\n - both: trace in both directions\n - depth (number, optional): Max traversal depth (default 5, max 10)\n - relationship_types (string[], optional): Filter to specific types (parent, child, related, verifies, verified_by)\n\nReturns:\n { root, direction, items: [{ id, title, type, relationship, depth }], total_count }\n\nExamples:\n - "What does TC-003 verify?" → atoms_trace(project_id, "TC-003", "upstream")\n - "What\'s affected by REQ-001?" → atoms_trace(project_id, "REQ-001", "downstream")',inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),item_id:c.z.string().min(1).max(20).describe("Starting item ID"),direction:c.z.enum(["upstream","downstream","both"]).describe("Traversal direction"),depth:c.z.number().int().min(1).max(10).default(5).describe("Max traversal depth (default 5)"),relationship_types:c.z.array(c.z.enum(["parent","child","related","verifies","verified_by"])).optional().describe("Filter to specific relationship types")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1},handler:Vi("atoms_trace",async e=>{const{traceHandler:t}=await Promise.resolve().then(()=>(Nr(),qr));return t(e)})}),Pi("atoms_list_assets",{title:"List Project Assets",description:"List asset identifiers registered in a project.\n\nAssets are free-form per-instance IDs (VINs, module names, lot numbers,\nserial numbers) that test runs are tagged against. They are auto-registered\nthe first time they appear on a run via atoms_record_test_result.\n\nArgs:\n - project_id (string, UUID): Project to list assets for\n - include_archived (boolean, optional): Include archived assets (default false)\n\nReturns:\n { assets: [{ id, name, archived_at, created_at }], total }",inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),include_archived:c.z.boolean().optional().describe("Include archived assets (default false)")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Vi("atoms_list_assets",async e=>{const{listAssetsHandler:t}=await Promise.resolve().then(()=>(Vr(),Lr));return t(e)})),Pi("atoms_list_variables",{title:"List Project Variables",description:"List all parameterized variables defined in a project.\n\nVariables are shared values (e.g., backup_camera_latency = 2s) that can be\nreferenced in requirement bodies as {variable_name}.\n\nArgs:\n - project_id (string, UUID): Project to list variables for\n - baseline_id (string, UUID, optional): list variables as they were at that baseline\n - as_of (string ISO 8601, optional): list variables as they were at that moment\n\nReturns:\n { variables: [{ id, name, value, unit, description }], total }",inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),baseline_id:c.z.string().uuid().optional().describe("Optional baseline UUID for time-travel reads"),as_of:c.z.string().datetime().optional().describe("Optional ISO timestamp for time-travel reads")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Vi("atoms_list_variables",async e=>{const{listVariablesHandler:t}=await Promise.resolve().then(()=>(ei(),Fr));return t(e)})),Pi("atoms_get_variable",{title:"Get Project Variable",description:'Get a specific variable by name, including which items reference it.\n\nArgs:\n - project_id (string, UUID): Project containing the variable\n - variable_name (string): Variable name (e.g., "backup_camera_latency")\n - baseline_id (string, UUID, optional): get the variable as it was at that baseline\n - as_of (string ISO 8601, optional): get the variable as it was at that moment\n\nReturns:\n { variable, referenced_by: [{ id, title, type }], reference_count }',inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),variable_name:c.z.string().min(1).max(64).describe("Variable name"),baseline_id:c.z.string().uuid().optional().describe("Optional baseline UUID for time-travel reads"),as_of:c.z.string().datetime().optional().describe("Optional ISO timestamp for time-travel reads")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Vi("atoms_get_variable",async e=>{const{getVariableHandler:t}=await Promise.resolve().then(()=>(ei(),Fr));return t(e)})),Pi("atoms_update_variable",{title:"Update Project Variable",description:"Update a variable's value, unit, or description.\n\nArgs:\n - project_id (string, UUID): Project containing the variable\n - variable_name (string): Variable name\n - value (string, optional): New value\n - unit (string, optional): Unit abbreviation (e.g., 's', 'Hz')\n - description (string, optional): Human-readable description\n\nReturns:\n { variable }",inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),variable_name:c.z.string().min(1).max(64).describe("Variable name"),value:c.z.string().max(500).optional().describe("New value"),unit:c.z.string().max(32).optional().describe("Unit abbreviation"),description:c.z.string().max(2e3).optional().describe("Description")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Vi("atoms_update_variable",async e=>{const{updateVariableHandler:t}=await Promise.resolve().then(()=>(ei(),Fr));return t(e)})),Pi("atoms_create_variable",{title:"Create Project Variable",description:'Create one or many parameterized variables for a project.\n\nSingle form: provide name + value.\nArray form: provide variables[] for bulk creation (one atomic INSERT).\n\nVariables can then be embedded in requirement bodies as {variable_name}.\n\nArgs (single form):\n - project_id (string, UUID): Project to add the variable to\n - name (string): Variable name, letters, digits, underscores; must start with letter/underscore\n - value (string): Initial value (e.g., "100", "true", "nominal")\n - unit (string, optional): Unit abbreviation (e.g., "Hz", "ms", "m/s²")\n - description (string, optional): Human-readable description\n - echo (bool, optional): false → lean {name} response (default true)\n\nArgs (array form):\n - project_id (string, UUID): Project UUID\n - variables[]: Array of { name, value, unit?, description? }\n - echo (bool, optional): false → lean {name} list (default true)\n - idempotency_key (string, optional): Dedup key\n\nReturns (single): { variable, message }\nReturns (array): { batch_id, created, variables, message }',inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),name:c.z.string().min(1).max(64).optional().describe("Variable name (single form)"),value:c.z.string().min(1).max(500).optional().describe("Initial value (single form)"),unit:c.z.string().max(32).optional().describe("Unit abbreviation"),description:c.z.string().max(2e3).optional().describe("Description"),echo:c.z.boolean().optional().describe("false → lean response (default true)"),variables:c.z.array(c.z.object({name:c.z.string().min(1).max(64).describe("Variable name"),value:c.z.string().min(1).max(500).describe("Initial value"),unit:c.z.string().max(32).optional().describe("Unit abbreviation"),description:c.z.string().max(2e3).optional().describe("Description")})).optional().describe("Array form: batch variable creation. Atomic — all or none."),idempotency_key:c.z.string().max(128).optional().describe("Dedup key for retries")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!1,openWorldHint:!1}},Vi("atoms_create_variable",async e=>{const{createVariableHandler:t}=await Promise.resolve().then(()=>(ei(),Fr));return t(e)})),Pi("atoms_delete_variable",{title:"Delete Project Variable",description:"Delete a project variable. Refuses by default if any items reference it.\n\nArgs:\n - project_id (string, UUID): Project containing the variable\n - name (string): Variable name to delete\n - force (bool, optional): Delete even if items still reference it (default false)\n\nReturns:\n { deleted, name, referenced_by_items, warning? }",inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),name:c.z.string().min(1).max(64).describe("Variable name to delete"),force:c.z.boolean().optional().describe("Delete even if items reference it (default false)"),confirmation_token:c.z.string().max(500).optional().describe("Token from a prior preview call (only used when ATOMS_MCP_REQUIRE_CONFIRMATION is set)")},annotations:{readOnlyHint:!1,destructiveHint:!0,idempotentHint:!1,openWorldHint:!1}},Vi("atoms_delete_variable",async e=>{const{deleteVariableHandler:t}=await Promise.resolve().then(()=>(ei(),Fr));return t(e)})),Pi("atoms_list_domains",{title:"List Project Domains",description:"List all domain tags registered in a project's taxonomy, with item counts.\n\nArgs:\n - project_id (string, UUID): Project to inspect\n\nReturns:\n { domains: [{ name, item_count }], total }",inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Vi("atoms_list_domains",async e=>{const{listDomainsHandler:t}=await Promise.resolve().then(()=>(di(),ti));return t(e)})),Pi("atoms_create_domain",{title:"Create Project Domain",description:'Register a new domain tag in the project taxonomy.\n\nOnce created, items can be tagged with this domain via atoms_create_item or atoms_update_item.\n\nArgs:\n - project_id (string, UUID): Project to add the domain to\n - name (string): Domain name (lowercased automatically, e.g., "safety", "can-bus")\n\nReturns:\n { domain: { name }, message }',inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),name:c.z.string().min(1).max(64).describe("Domain name")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!1,openWorldHint:!1}},Vi("atoms_create_domain",async e=>{const{createDomainHandler:t}=await Promise.resolve().then(()=>(di(),ti));return t(e)})),Pi("atoms_update_domain",{title:"Rename Project Domain",description:"Rename a domain tag. Updates the taxonomy and propagates to all tagged items.\n\nUse dry_run=true first to see how many items will be affected before committing.\n\nArgs:\n - project_id (string, UUID): Project containing the domain\n - name (string): Current domain name\n - new_name (string): New domain name\n - dry_run (bool, optional): If true, return impact count without making changes (default false)\n\nReturns (dry_run=false):\n { domain: { name }, renamed_from, items_updated, message }\n\nReturns (dry_run=true):\n { dry_run: true, rename: { from, to }, items_affected, message }",inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),name:c.z.string().min(1).max(64).describe("Current domain name"),new_name:c.z.string().min(1).max(64).describe("New domain name"),dry_run:c.z.boolean().optional().describe("Preview impact without applying (default false)")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!1,openWorldHint:!1}},Vi("atoms_update_domain",async e=>{const{updateDomainHandler:t}=await Promise.resolve().then(()=>(di(),ti));return t(e)})),Pi("atoms_delete_domain",{title:"Delete Project Domain",description:"Delete a domain tag from the project taxonomy.\n\nRefuses by default if any items are tagged with it. With force=true, deletes the\ndomain and strips the tag from all items.\n\nArgs:\n - project_id (string, UUID): Project containing the domain\n - name (string): Domain name to delete\n - force (bool, optional): Strip from items and delete anyway (default false)\n\nReturns:\n { deleted, name, items_updated, message }",inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),name:c.z.string().min(1).max(64).describe("Domain name to delete"),force:c.z.boolean().optional().describe("Strip from all items and delete (default false)"),confirmation_token:c.z.string().max(500).optional().describe("Token from a prior preview call (only used when ATOMS_MCP_REQUIRE_CONFIRMATION is set)")},annotations:{readOnlyHint:!1,destructiveHint:!0,idempotentHint:!1,openWorldHint:!1}},Vi("atoms_delete_domain",async e=>{const{deleteDomainHandler:t}=await Promise.resolve().then(()=>(di(),ti));return t(e)})),Wi({appName:"summary",htmlFile:"summary-app.html",toolName:"atoms_project_summary",title:"Project Compliance Summary",description:'One-call project health and compliance dashboard.\n\nReturns item counts by type, test execution status, requirement coverage\n(overall and by domain), and recent change activity.\n\nIn MCP App hosts (Claude, ChatGPT), renders an interactive dashboard with charts.\nFalls back to JSON for non-UI clients.\n\nArgs:\n - project_id (string, UUID): Project to summarize\n\nReturns:\n { project_name, counts, test_status, coverage, coverage_by_domain, recent_changes, last_updated }\n\nExamples:\n - "Give me a compliance snapshot" → atoms_project_summary(project_id)\n - "How\'s our test coverage?" → atoms_project_summary(project_id)',inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1},handler:Vi("atoms_project_summary",async e=>{const{projectSummaryHandler:t}=await Promise.resolve().then(()=>(pi(),ci));return t(e)})}),Wi({appName:"browse",htmlFile:"browse-app.html",toolName:"atoms_browse",title:"Browse ATOMS Items",description:'View and filter items in an ATOMS project with a visual browser.\n\nIn MCP App hosts (Claude, ChatGPT), renders an interactive filterable list\nwith expandable item details. Falls back to JSON for non-UI clients.\n\nArgs:\n - project_id (string, UUID): The project to browse\n - type (string, optional): Filter by type (requirement, test-case, note, table)\n - domain (string, optional): Filter by domain tag\n - level (string, optional): Filter by level (System, Subsystem, Component)\n - query (string, optional): Full-text search query\n - limit (number, optional): Max results (default 25, max 100)\n - offset (number, optional): Pagination offset (default 0)\n\nReturns:\n { items: [...], filters: { domains, levels, types }, meta: { total_count, limit, offset, has_more } }\n\nExamples:\n - "Show me the requirements" → atoms_browse(project_id, type="requirement")\n - "Browse safety items" → atoms_browse(project_id, domain="Safety")\n - "Find braking requirements" → atoms_browse(project_id, query="braking")',inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),type:c.z.enum(["requirement","test-case","note","table"]).optional().describe("Filter by item type"),domain:c.z.string().max(64).optional().describe("Filter by domain tag"),level:c.z.string().max(32).optional().describe("Filter by level (System, Subsystem, Component)"),query:c.z.string().max(1e3).optional().describe("Full-text search query"),limit:c.z.number().int().min(1).max(100).default(25).describe("Max results (default 25, max 100)"),offset:c.z.number().int().min(0).default(0).describe("Pagination offset (default 0)")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1},handler:Vi("atoms_browse",async e=>{const{browseHandler:t}=await Promise.resolve().then(()=>(bi(),ui));return t(e)})}),Pi("atoms_impact_analysis",{title:"Analyze Impact of Changing an Item",description:'Analyze the blast radius of changing a specific item.\n\nTraverses the relationship graph from the given item and returns every item that\nwould be affected by a change — with their types, depths, and full relationship paths.\n\nArgs:\n - project_id (string, UUID): Project containing the item\n - item_id (string): Item to analyze (e.g., "REQ-001")\n - direction (string, optional): "downstream" (default) | "upstream" | "both"\n - downstream: what this item affects (children, verified_by)\n - upstream: what affects this item (parents, verifies)\n - both: full bidirectional traversal\n - depth (integer, optional): Max traversal depth. Omit for full depth (all reachable nodes).\n - include_variable_refs (boolean, optional): Reserved for future variable-aware impact. Default true.\n\nReturns:\n { root: { item_id, title, type }, impacted_items: [{ item_id, title, type, depth, relationship_path }], summary: { total_impacted, by_type, max_depth_reached } }\n\nExamples:\n - "What breaks if I change REQ-001?" → atoms_impact_analysis(project_id, "REQ-001")\n - "What\'s upstream of TC-005?" → atoms_impact_analysis(project_id, "TC-005", direction="upstream")\n - "Show direct dependencies only" → atoms_impact_analysis(project_id, "REQ-001", depth=1)\n\nErrors:\n - "Item not found" → verify item_id exists in the project',inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),item_id:c.z.string().min(1).max(20).describe("Item ID to analyze (e.g., REQ-001)"),direction:c.z.enum(["downstream","upstream","both"]).default("downstream").describe("Traversal direction (default: downstream)"),depth:c.z.number().int().min(1).optional().describe("Max traversal depth. Omit for full depth."),include_variable_refs:c.z.boolean().default(!0).describe("Reserved for variable-aware impact (future). Default true.")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Vi("atoms_impact_analysis",async e=>{const{impactAnalysisHandler:t}=await Promise.resolve().then(()=>(ji(),wi));return t(e)})),Pi("atoms_list_baselines",{title:"List ATOMS Baselines",description:"List named baselines (named project snapshots) for a project, newest first.\n\nA baseline is a labeled moment in time. Use atoms_create_baseline to make one,\natoms_diff_baselines to compare two, and atoms_restore_baseline to roll back.",inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),limit:c.z.number().int().min(1).max(100).default(50).describe("Max results (default 50, max 100)"),offset:c.z.number().int().min(0).default(0).describe("Pagination offset")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Vi("atoms_list_baselines",async e=>{const{listBaselinesHandler:t}=await Promise.resolve().then(()=>(Ni(),xi));return t(e)})),Pi("atoms_create_baseline",{title:"Create ATOMS Baseline",description:"Create a named baseline (snapshot label) at the current moment for a project.\n\nThe baseline records a name + timestamp. It does NOT copy item data; the project\nstate at that moment is reconstructed via temporal queries against item_revisions.\nNames must be unique per project (case-insensitive).",inputSchema:{project_id:c.z.string().uuid().describe("UUID of the project"),name:c.z.string().min(1).max(200).describe("Baseline name (1-200 chars, unique per project)"),description:c.z.string().max(2e3).optional().describe("Optional description (max 2000 chars)")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!1,openWorldHint:!1}},Vi("atoms_create_baseline",async e=>{const{createBaselineHandler:t}=await Promise.resolve().then(()=>(Ni(),xi));return t(e)})),Pi("atoms_lock_baseline",{title:"Lock ATOMS Baseline",description:"Lock a baseline so it becomes audit-grade immutable. Admin only. One-way: there is no unlock.\n\nAfter locking, the baseline's name, description, and snapshot_at cannot be changed,\nand it cannot be deleted. Use for regulatory submissions and DRBs.",inputSchema:{baseline_id:c.z.string().uuid().describe("UUID of the baseline to lock")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!1,openWorldHint:!1}},Vi("atoms_lock_baseline",async e=>{const{lockBaselineHandler:t}=await Promise.resolve().then(()=>(Ni(),xi));return t(e)})),Pi("atoms_diff_baselines",{title:"Diff ATOMS Baselines",description:"Compute the diff between two baselines: which items were added, removed, or modified.\n\nReturns a summary plus a paginated items array. Pass detail=true to include\nper-item field-level diffs (slower for large projects).",inputSchema:{baseline_a_id:c.z.string().uuid().describe("UUID of the first (older) baseline"),baseline_b_id:c.z.string().uuid().describe("UUID of the second (newer) baseline"),detail:c.z.boolean().default(!1).describe("Include per-item field-level diffs (default false)"),limit:c.z.number().int().min(1).max(200).default(50).describe("Max items per page (default 50)"),offset:c.z.number().int().min(0).default(0).describe("Pagination offset")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Vi("atoms_diff_baselines",async e=>{const{diffBaselinesHandler:t}=await Promise.resolve().then(()=>(Ni(),xi));return t(e)})),Pi("atoms_restore_baseline",{title:"Restore from ATOMS Baseline",description:"Restore project state to a baseline. Admin only. Preview-by-default.\n\nCall with confirm=false (default) for a dry run that returns items_to_restore count.\nCall with confirm=true to execute: each item present at the baseline gets a new\nrevision matching its historical state, event_source='restore'. Items added AFTER\nthe baseline are NOT deleted. Always recoverable via further history.",inputSchema:{baseline_id:c.z.string().uuid().describe("UUID of the baseline to restore from"),confirm:c.z.boolean().default(!1).describe("Set true to execute; false (default) returns a preview")},annotations:{readOnlyHint:!1,destructiveHint:!0,idempotentHint:!1,openWorldHint:!1}},Vi("atoms_restore_baseline",async e=>{const{restoreBaselineHandler:t}=await Promise.resolve().then(()=>(Ni(),xi));return t(e)}))}});F(),q(),Se(),P();var Gi=l.createRequire("undefined"==typeof document?require("url").pathToFileURL(__filename).href:p&&"SCRIPT"===p.tagName.toUpperCase()&&p.src||new URL("index.cjs",document.baseURI).href)("../package.json"),Yi=process.argv.slice(2)[0];(async function(){switch(Yi){case"login":{const{login:e}=await Promise.resolve().then(()=>(He(),ke));try{const{email:t}=await e();process.stderr.write(`\n ✓ Authenticated as ${t}\n`),process.stderr.write(" ✓ Credentials saved to ~/.atoms/credentials.json\n\n"),process.stderr.write(" Next steps:\n"),process.stderr.write(" $ claude mcp add atoms -- npx -y @atoms-tech/atoms-mcp\n"),process.stderr.write("\n Or add to Claude Desktop (Settings → MCP → Edit Config):\n"),process.stderr.write(' {\n "mcpServers": {\n "atoms": {\n "command": "npx",\n "args": ["-y", "@atoms-tech/atoms-mcp"]\n }\n }\n }\n\n')}catch(e){process.stderr.write(`\n ✗ ${e instanceof Error?e.message:String(e)}\n\n`),process.exit(1)}break}case"whoami":{const{getValidToken:e}=await Promise.resolve().then(()=>(ue(),ae));try{const{email:t,user_id:r}=await e();process.stderr.write(`\n ✓ Logged in as ${t}\n User ID: ${r}\n\n`)}catch(e){process.stderr.write("\n ✗ Not authenticated.\n Run: npx @atoms-tech/atoms-mcp login\n\n"),process.exit(1)}break}case"logout":{const{clearCredentials:e}=await Promise.resolve().then(()=>(re(),B));await e(),process.stderr.write("Logged out. Credentials removed.\n"),process.stderr.write("Run 'npx @atoms-tech/atoms-mcp login' to authenticate again.\n");break}case"--version":case"-v":process.stderr.write(`@atoms-tech/atoms-mcp v${Gi.version}\n`);break;case"--help":case"-h":process.stderr.write("ATOMS MCP Server — AI agent integration for requirements management\n\nUsage:\n npx @atoms-tech/atoms-mcp Start MCP server (stdio)\n npx @atoms-tech/atoms-mcp login Authenticate with ATOMS.tech\n npx @atoms-tech/atoms-mcp logout Switch account / clear credentials\n npx @atoms-tech/atoms-mcp whoami Show current user\n npx @atoms-tech/atoms-mcp --version Show version\n");break;default:{process.stderr.write("[atoms-mcp] Starting MCP server via stdio...\n");try{const{getValidToken:e}=await Promise.resolve().then(()=>(ue(),ae)),{email:t}=await e();process.stderr.write(`[atoms-mcp] Authenticated as ${t}\n`)}catch{process.stderr.write("[atoms-mcp] No credentials found. Starting login flow...\n");try{const{login:e}=await Promise.resolve().then(()=>(He(),ke)),{email:t}=await e();process.stderr.write(`[atoms-mcp] Authenticated as ${t}\n`)}catch(e){process.stderr.write(`[atoms-mcp] Login failed: ${e instanceof Error?e.message:String(e)}\n[atoms-mcp] Starting server without auth. Tools will fail until you run: npx @atoms-tech/atoms-mcp login\n`)}}try{const t=await fe(),r=be(),i=await async function(e,t){const r=process.env.ATOMS_MCP_ORG_ID?.trim();if(r)return r;const{data:i,error:n}=await e.from("org_members").select("org_id, joined_at").eq("user_id",t).order("joined_at",{ascending:!0}).limit(1).maybeSingle();return n?(process.stderr.write(`[atoms-mcp] Could not resolve session org: ${n.message}\n`),null):i?.org_id??null}(t,r),n=await async function(e,t,r){if(!r)return{role:null,is_member:!1,effective:H};const{data:i,error:n}=await e.rpc("mcp_resolve_policy",{p_user_id:t,p_org_id:r});return n?(process.stderr.write(`[atoms-mcp] mcp_resolve_policy failed (${n.code}): ${n.message}. Falling back to permissive policy.\n`),{role:null,is_member:!1,effective:H}):function(e){if(!e||"object"!=typeof e)return{role:null,is_member:!1,effective:H};const t=e,r="string"==typeof t.role?t.role:null,i=!0===t.is_member,n=t.effective??{},a=(e,t)=>Array.isArray(e)?e.filter(e=>"string"==typeof e):t,s=(e,t)=>"boolean"==typeof e?e:t,o=n.project_scope,d=Array.isArray(o)&&o.length>0?o.filter(e=>"string"==typeof e):null;return{role:r,is_member:i,effective:{read_only:s(n.read_only,H.read_only),lockdown:s(n.lockdown,H.lockdown),block_destructive:s(n.block_destructive,H.block_destructive),block_bulk_import:s(n.block_bulk_import,H.block_bulk_import),cross_project_browse:s(n.cross_project_browse,H.cross_project_browse),allowed_toolsets:a(n.allowed_toolsets,H.allowed_toolsets),forbidden_tools:a(n.forbidden_tools,H.forbidden_tools),project_scope:d,require_confirmation_for:a(n.require_confirmation_for,H.require_confirmation_for)}}}(i)}(t,r,i);e={effective:n.effective,role:n.role,org_id:i},D=e.effective,R=e.org_id,n.is_member&&i?process.stderr.write(`[atoms-mcp] Org policy loaded: org=${i.slice(0,8)}… role=${n.role??"?"} read_only=${n.effective.read_only} lockdown=${n.effective.lockdown}\n`):process.stderr.write("[atoms-mcp] No org membership detected — running with permissive default policy.\n")}catch(e){process.stderr.write(`[atoms-mcp] Could not resolve session policy (${e instanceof Error?e.message:String(e)}). Running with permissive default — RLS still enforces row-level access.\n`)}process.stderr.write(`[atoms-mcp] Tool registry: ${function(){const e=N(),t=$(),r=[];r.push(e?"read-only":"read+write"),null===t?r.push("all toolsets"):(r.push(`toolsets=${[...t.allowed].sort().join(",")||"(none — only always-on tools)"}`),t.unknown.length>0&&r.push(`unknown=${t.unknown.join(",")}`));const i=process.env.ATOMS_MCP_PROJECT_ID?.trim();return i&&r.push(`project_scope=${i.slice(0,8)}…`),("1"===process.env.ATOMS_MCP_LOCKDOWN||"true"===process.env.ATOMS_MCP_LOCKDOWN)&&r.push("lockdown=on"),r.join(" | ")}()}\n`);const{server:t}=await Promise.resolve().then(()=>(Qi(),Li)),r=new m.StdioServerTransport;await t.connect(r),process.stderr.write("[atoms-mcp] MCP server running. Waiting for tool calls...\n")}}var e})().catch(e=>{process.stderr.write(`[atoms-mcp] Fatal: ${e instanceof Error?e.message:String(e)}\n`),process.exit(1)});
2
+ "use strict";var e=require("fs/promises"),t=require("os"),r=require("path"),i=require("@supabase/supabase-js"),n=require("http"),a=require("crypto"),s=require("url"),o=require("zod"),d=require("@modelcontextprotocol/ext-apps/server"),c=require("@modelcontextprotocol/sdk/server/mcp.js"),l=require("module"),m=require("@modelcontextprotocol/sdk/server/stdio.js"),p="undefined"!=typeof document?document.currentScript:null;function u(e){return e&&e.__esModule?e:{default:e}}var _,f,h,g,y,b,w,v=u(e),j=u(r),x=u(a),S=Object.defineProperty,k=Object.getOwnPropertyNames,I=(e,t)=>function(){return e&&(t=(0,e[k(e)[0]])(e=0)),t},E=(e,t)=>{for(var r in t)S(e,r,{get:t[r],enumerable:!0})};function O(e){return w.get(e)}var T=I({"src/core/tool-catalog.ts"(){_=new Set(["atoms_status","atoms_list_projects"]),f=new Set(["atoms_create_item","atoms_update_item","atoms_delete_item","atoms_restore_item","atoms_link_items","atoms_bulk_import","atoms_record_test_result","atoms_record_test_results","atoms_create_variable","atoms_update_variable","atoms_delete_variable","atoms_create_domain","atoms_update_domain","atoms_delete_domain","atoms_create_baseline","atoms_lock_baseline","atoms_restore_baseline"]),h=new Set(["atoms_delete_item","atoms_delete_variable","atoms_delete_domain","atoms_restore_baseline"]),g=new Set(["atoms_bulk_import"]),y={items:["atoms_list_items","atoms_get_item","atoms_search","atoms_semantic_search","atoms_browse","atoms_get_history","atoms_create_item","atoms_update_item","atoms_delete_item","atoms_restore_item","atoms_bulk_import"],traceability:["atoms_trace","atoms_link_items","atoms_export_mermaid","atoms_impact_analysis"],coverage:["atoms_get_coverage","atoms_record_test_result","atoms_record_test_results","atoms_project_summary","atoms_list_assets"],variables:["atoms_list_variables","atoms_get_variable","atoms_create_variable","atoms_update_variable","atoms_delete_variable"],domains:["atoms_list_domains","atoms_create_domain","atoms_update_domain","atoms_delete_domain"],baselines:["atoms_list_baselines","atoms_create_baseline","atoms_lock_baseline","atoms_diff_baselines","atoms_restore_baseline"]},b=Object.keys(y),w=new Map;for(const[e,t]of Object.entries(y))for(const r of t)w.set(r,e)}});function U(e,t){if(_.has(t))return{allowed:!0};if(e.lockdown&&!new Set(["atoms_list_items","atoms_get_item","atoms_search","atoms_browse"]).has(t))return{allowed:!1,reason:"lockdown"};if(e.forbidden_tools.includes(t))return{allowed:!1,reason:"forbidden_tool"};if(e.read_only&&f.has(t))return{allowed:!1,reason:"read_only"};if(e.block_destructive&&h.has(t))return{allowed:!1,reason:"block_destructive"};if(e.block_bulk_import&&g.has(t))return{allowed:!1,reason:"block_bulk_import"};const r=O(t);return void 0===r||e.allowed_toolsets.includes(r)?{allowed:!0}:{allowed:!1,reason:"toolset_disabled"}}function A(e,t){return U(e,t).allowed}function z(e){switch(e){case"lockdown":return"MCP is in lockdown mode for your role — only read-only browse is available.";case"read_only":return"Your org policy puts MCP in read-only mode. Mutating tools are not exposed.";case"block_destructive":return"Your org policy blocks destructive operations (delete tools).";case"block_bulk_import":return"Your org policy blocks bulk import.";case"forbidden_tool":return"This tool is on your org's forbidden list.";case"toolset_disabled":return"This tool's toolset is not enabled in your org policy."}}var H,D,R,C=I({"src/core/policy.ts"(){T()}}),P=I({"src/core/types.ts"(){H={read_only:!1,lockdown:!1,block_destructive:!1,block_bulk_import:!1,cross_project_browse:!0,allowed_toolsets:["items","traceability","coverage","variables","domains","baselines"],forbidden_tools:[],project_scope:null,require_confirmation_for:[]}}});function M(){return D}var q=I({"src/middleware/session-policy.ts"(){P(),D=H,R=null}});function $(){const e=process.env.ATOMS_MCP_TOOLSETS?.trim();if(!e)return null;const t=e.split(",").map(e=>e.trim()).filter(Boolean);if(0===t.length)return null;const r=new Set,i=[];for(const e of t)b.includes(e)?r.add(e):i.push(e);return{allowed:r,unknown:i}}function N(){const e=process.env.ATOMS_MCP_READ_ONLY;return"1"===e||"true"===e?.toLowerCase()}function L(e){if(N()&&f.has(e))return!1;if(_.has(e))return!0;const t=$();if(null===t)return A(M(),e);const r=O(e);return!!r&&!!t.allowed.has(r)&&A(M(),e)}var W,V,F=I({"src/middleware/tool-registry.ts"(){T(),C(),q()}}),B={};async function J(){try{const t=await e.readFile(V,"utf-8"),r=JSON.parse(t);return r.access_token&&r.refresh_token?r:null}catch{return null}}async function Q(t){await e.mkdir(W,{recursive:!0,mode:448}),await e.writeFile(V,JSON.stringify(t,null,2),{mode:384})}async function G(){const e=await J();return!!e&&e.expires_at>Date.now()+6e4}function Y(e){return e.expires_at>Date.now()+6e4}async function K(){try{await e.unlink(V)}catch{}}function Z(){return V}E(B,{clearCredentials:()=>K,getCredentialsPath:()=>Z,hasValidCredentials:()=>G,isTokenValid:()=>Y,readCredentials:()=>J,writeCredentials:()=>Q});var X,ee,te,re=I({"src/auth/token-store.ts"(){W=r.join(t.homedir(),".atoms"),V=r.join(W,"credentials.json")}}),ie={};E(ie,{ATOMS_APP_URL:()=>te,ATOMS_SUPABASE_ANON_KEY:()=>ee,ATOMS_SUPABASE_URL:()=>X});var ne=I({"src/config.ts"(){X="https://gmebjyhomsbvhrxffzre.supabase.co",ee="sb_publishable_b49MUAB8XCrQiF7x5b9lUA_w1aplSBH",te=process.env.ATOMS_APP_URL??"https://atoms.tech"}}),ae={};async function se(){const e=process.env.ATOMS_ACCESS_TOKEN;if(e){const t=oe(e);return{access_token:e,refresh_token:"",user_id:t.sub,email:t.email??""}}const t=await J();if(!t)throw new Error("Not authenticated. Run 'npx @atoms-tech/atoms-mcp login' to connect your ATOMS account.");if(t.expires_at>Date.now()+6e4){const e=oe(t.access_token);return{access_token:t.access_token,refresh_token:t.refresh_token,user_id:e.sub,email:e.email??t.user_email??""}}process.stderr.write("[atoms-mcp] Refreshing access token...\n");const r=i.createClient(X,ee),{data:n,error:a}=await r.auth.refreshSession({refresh_token:t.refresh_token});if(a||!n.session)throw new Error(`Token refresh failed: ${a?.message??"No session returned"}. Re-run 'npx @atoms-tech/atoms-mcp login'.`);const s=n.session;return await Q({access_token:s.access_token,refresh_token:s.refresh_token,expires_at:Date.now()+1e3*(s.expires_in??3600),user_email:s.user?.email}),{access_token:s.access_token,refresh_token:s.refresh_token,user_id:s.user?.id??"",email:s.user?.email??""}}function oe(e){const t=e.split(".");if(3!==t.length)throw new Error("Invalid JWT format");const r=t[1].replace(/-/g,"+").replace(/_/g,"/").padEnd(t[1].length+(4-t[1].length%4)%4,"="),i=JSON.parse(Buffer.from(r,"base64").toString("utf-8"));if(!i.sub)throw new Error("JWT missing 'sub' claim");return i}E(ae,{getValidToken:()=>se});var de,ce,le,me,pe,ue=I({"src/auth/refresh.ts"(){re(),ne()}}),_e={};async function fe(){if(de)try{const e=await J();e&&e.expires_at>pe&&(process.stderr.write("[atoms-mcp] Credentials file refreshed elsewhere — rebuilding client.\n"),he())}catch{}if(de&&me>Date.now()+6e4)return de;de&&process.stderr.write("[atoms-mcp] Token expiring, refreshing client...\n");const{access_token:e,user_id:t,email:r}=await se(),n=e.split(".");if(3===n.length)try{const e=JSON.parse(Buffer.from(n[1].replace(/-/g,"+").replace(/_/g,"/"),"base64").toString());me=1e3*(e.exp??0)}catch{me=Date.now()+36e5}try{const e=await J();pe=e?.expires_at??0}catch{pe=0}const a=i.createClient(X,ee,{global:{headers:{Authorization:`Bearer ${e}`}}});return ce=t,le=r,de=a}function he(){de=null,ce=null,le=null,me=0,pe=0}function ge(e){let t="";if(e instanceof Error)t=e.message;else if(e&&"object"==typeof e){const r=e;t="string"==typeof r.message?r.message:"string"==typeof r.code?r.code:String(e)}else null!=e&&(t=String(e));return/jwt\s*expired|invalid.?jwt|token.*(?:has\s+)?expired|jwt.*invalid|pgrst301/i.test(t)}async function ye(e){try{return await e()}catch(t){if(!ge(t))throw t;return process.stderr.write("[atoms-mcp] Data tier rejected JWT — invalidating client and retrying once.\n"),he(),await e()}}function be(){if(!ce)throw new Error("Not authenticated. Call getClient() first.");return ce}function we(){return le??""}async function ve(e,t){const r=be(),{data:i,error:n}=await e.from("projects").select("org_id").eq("id",t).maybeSingle();if(n||!i)throw new Error(`Project '${t}' not found`);const{data:a,error:s}=await e.from("org_members").select("role").eq("user_id",r).eq("org_id",i.org_id).maybeSingle();if(s||!a){const{data:t}=await e.rpc("is_platform_admin");if(!0===t)return"admin";throw new Error("Not a member of this project's organization")}if("viewer"===a.role)throw new Error("VIEWER_ROLE");return a.role}E(_e,{getClient:()=>fe,getUserEmail:()=>we,getUserId:()=>be,invalidateClient:()=>he,isJwtExpiredError:()=>ge,requireWriteAccess:()=>ve,withJwtRetry:()=>ye});var je,xe,Se=I({"src/db/client.ts"(){ue(),re(),ne(),de=null,ce=null,le=null,me=0,pe=0}}),ke={};async function Ie(){const e=a.randomBytes(32).toString("base64url"),t=a.createHash("sha256").update(e).digest("base64url"),r=`http://localhost:${je}${xe}`,i=new s.URL(`${te}/auth/mcp-consent`);return i.searchParams.set("redirect_uri",r),i.searchParams.set("code_challenge",t),i.searchParams.set("code_challenge_method","S256"),new Promise((t,r)=>{let a;function o(){clearTimeout(a)}const d=n.createServer(async(i,n)=>{const a=new s.URL(i.url??"/",`http://localhost:${je}`);if(a.pathname!==xe)return n.writeHead(404),void n.end("Not found");try{if("access_denied"===a.searchParams.get("error"))return n.writeHead(200,{"Content-Type":"text/html"}),n.end(Oe("Authorization was cancelled.")),o(),d.close(),void r(new Error("Authorization cancelled by user."));const i=a.searchParams.get("code");if(i){const a=await fetch(`${X}/auth/v1/token?grant_type=pkce`,{method:"POST",headers:{"Content-Type":"application/json",apikey:ee},body:JSON.stringify({auth_code:i,code_verifier:e})}),s=await a.json();if(!a.ok||!s.access_token){const e=s.error_description??s.msg??"Unknown error";return n.writeHead(200,{"Content-Type":"text/html"}),n.end(Oe(`Code exchange failed: ${e}`)),o(),d.close(),void r(new Error(`Code exchange failed: ${e}`))}let c="authenticated";try{c=JSON.parse(Buffer.from(s.access_token.split(".")[1],"base64").toString()).email??c}catch{}const{createClient:l}=await import("@supabase/supabase-js"),m=l(X,ee,{global:{headers:{Authorization:`Bearer ${s.access_token}`}}}),{data:p,error:u}=await m.from("org_members").select("org_id").limit(1);return u||!p||0===p.length?(n.writeHead(200,{"Content-Type":"text/html"}),n.end(Oe('No ATOMS account found for this Google account.<br><br>Please sign up at <a href="https://atoms.tech">atoms.tech</a> first, then run this login command again.')),o(),d.close(),void r(new Error("No ATOMS account found. Sign up at atoms.tech first."))):(await Q({access_token:s.access_token,refresh_token:s.refresh_token,expires_at:Date.now()+1e3*(s.expires_in??3600),user_email:c}),n.writeHead(200,{"Content-Type":"text/html"}),n.end(Ee(c)),o(),d.close(),void t({email:c}))}const s=a.searchParams.get("access_token"),c=a.searchParams.get("refresh_token"),l=parseInt(a.searchParams.get("expires_in")??"3600",10);s&&c?(await Q({access_token:s,refresh_token:c,expires_at:Date.now()+1e3*l}),n.writeHead(200,{"Content-Type":"text/html"}),n.end(Ee("authenticated")),o(),d.close(),t({email:"authenticated"})):(n.writeHead(200,{"Content-Type":"text/html"}),n.end("<!DOCTYPE html>\n<html>\n<head><title>ATOMS MCP Login</title></head>\n<body>\n <h1>Completing login...</h1>\n <script>\n const hash = window.location.hash.substring(1);\n const params = new URLSearchParams(hash);\n const data = {\n access_token: params.get('access_token'),\n refresh_token: params.get('refresh_token'),\n expires_in: params.get('expires_in'),\n user_email: ''\n };\n if (data.access_token) {\n // Decode JWT to get email\n try {\n const payload = JSON.parse(atob(data.access_token.split('.')[1]));\n data.user_email = payload.email || '';\n } catch(e) {}\n fetch('/token', {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify(data)\n }).then(() => {\n document.body.innerHTML = '<h1>Login successful! You can close this tab.</h1>';\n }).catch(() => {\n document.body.innerHTML = '<h1>Login failed. Please try again.</h1>';\n });\n } else {\n document.body.innerHTML = '<h1>Login failed — no tokens received.</h1>';\n }\n <\/script>\n</body>\n</html>"))}catch(e){n.writeHead(500),n.end("Authentication failed"),o(),d.close(),r(e)}});d.on("request",async(e,i)=>{if("POST"===e.method&&"/token"===e.url){let n="";e.on("data",e=>{n+=e.toString()}),e.on("end",async()=>{try{const e=JSON.parse(n);await Q({access_token:e.access_token,refresh_token:e.refresh_token,expires_at:Date.now()+1e3*(e.expires_in??3600),user_email:e.user_email}),i.writeHead(200,{"Content-Type":"application/json"}),i.end(JSON.stringify({ok:!0})),o(),d.close(),t({email:e.user_email??"authenticated"})}catch(e){i.writeHead(500),i.end("Failed to store credentials"),o(),d.close(),r(e)}})}}),d.listen(je,"127.0.0.1",async()=>{process.stderr.write("\nOpening browser for ATOMS login...\n"),process.stderr.write(`If the browser doesn't open, visit:\n${i.toString()}\n\n`);try{const{default:e}=await import("open");await e(i.toString())}catch{process.stderr.write("Could not open browser automatically. Please open the URL above.\n")}}),a=setTimeout(()=>{d.close(),r(new Error("Login timed out after 60 seconds. Run 'npx @atoms-tech/atoms-mcp login' to try again."))},6e4)})}function Ee(e){return`<!DOCTYPE html>\n<html>\n<head>\n <title>ATOMS MCP — Authorized</title>\n <style>\n * { margin: 0; padding: 0; box-sizing: border-box; }\n body {\n font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', system-ui, sans-serif;\n background: #0a0a0a;\n color: #fafafa;\n display: flex;\n align-items: center;\n justify-content: center;\n min-height: 100vh;\n }\n .card {\n background: #171717;\n border: 1px solid #262626;\n border-radius: 16px;\n padding: 48px;\n max-width: 480px;\n width: 100%;\n text-align: center;\n }\n .icon {\n width: 56px;\n height: 56px;\n background: #052e16;\n border-radius: 50%;\n display: flex;\n align-items: center;\n justify-content: center;\n margin: 0 auto 24px;\n }\n .icon svg { width: 28px; height: 28px; }\n h1 {\n font-size: 22px;\n font-weight: 600;\n margin-bottom: 8px;\n color: #22c55e;\n }\n .email {\n font-size: 14px;\n color: #a3a3a3;\n margin-bottom: 32px;\n }\n .permissions {\n text-align: left;\n background: #0a0a0a;\n border: 1px solid #262626;\n border-radius: 12px;\n padding: 20px;\n margin-bottom: 24px;\n }\n .permissions h3 {\n font-size: 12px;\n font-weight: 600;\n color: #737373;\n text-transform: uppercase;\n letter-spacing: 0.05em;\n margin-bottom: 12px;\n }\n .perm-item {\n display: flex;\n align-items: center;\n gap: 10px;\n padding: 6px 0;\n font-size: 14px;\n color: #d4d4d4;\n }\n .perm-item .dot {\n width: 6px;\n height: 6px;\n background: #22c55e;\n border-radius: 50%;\n flex-shrink: 0;\n }\n .closing {\n font-size: 13px;\n color: #525252;\n }\n .closing span { color: #a3a3a3; font-variant-numeric: tabular-nums; }\n </style>\n</head>\n<body>\n <div class="card">\n <div class="icon">\n <svg fill="none" viewBox="0 0 24 24" stroke="#22c55e" stroke-width="2.5">\n <path stroke-linecap="round" stroke-linejoin="round" d="M5 13l4 4L19 7"/>\n </svg>\n </div>\n <h1>Authorization Granted</h1>\n <p class="email">${e}</p>\n\n <div class="permissions">\n <h3>ATOMS MCP can now</h3>\n <div class="perm-item"><span class="dot"></span> Read your projects and requirements</div>\n <div class="perm-item"><span class="dot"></span> Create and edit requirements and test cases</div>\n <div class="perm-item"><span class="dot"></span> Record test results (pass/fail)</div>\n <div class="perm-item"><span class="dot"></span> Manage traceability relationships</div>\n <div class="perm-item"><span class="dot"></span> Export coverage reports and diagrams</div>\n </div>\n\n <p class="closing">This tab will close in <span id="countdown">5</span>s</p>\n </div>\n\n <script>\n let seconds = 5;\n const el = document.getElementById('countdown');\n const timer = setInterval(() => {\n seconds--;\n el.textContent = seconds;\n if (seconds <= 0) {\n clearInterval(timer);\n window.close();\n // If window.close() is blocked (not opened by script), update message\n setTimeout(() => {\n document.querySelector('.closing').textContent = 'You can close this tab now.';\n }, 500);\n }\n }, 1000);\n <\/script>\n</body>\n</html>`}function Oe(e){return`<!DOCTYPE html>\n<html>\n<head>\n <title>ATOMS MCP — Failed</title>\n <style>\n * { margin: 0; padding: 0; box-sizing: border-box; }\n body {\n font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', system-ui, sans-serif;\n background: #0a0a0a;\n color: #fafafa;\n display: flex;\n align-items: center;\n justify-content: center;\n min-height: 100vh;\n }\n .card {\n background: #171717;\n border: 1px solid #262626;\n border-radius: 16px;\n padding: 48px;\n max-width: 480px;\n width: 100%;\n text-align: center;\n }\n .icon {\n width: 56px;\n height: 56px;\n background: #450a0a;\n border-radius: 50%;\n display: flex;\n align-items: center;\n justify-content: center;\n margin: 0 auto 24px;\n }\n .icon svg { width: 28px; height: 28px; }\n h1 { font-size: 22px; font-weight: 600; margin-bottom: 16px; color: #ef4444; }\n .reason { font-size: 14px; color: #a3a3a3; line-height: 1.6; }\n .reason a { color: #7c3aed; text-decoration: underline; }\n </style>\n</head>\n<body>\n <div class="card">\n <div class="icon">\n <svg fill="none" viewBox="0 0 24 24" stroke="#ef4444" stroke-width="2.5">\n <path stroke-linecap="round" stroke-linejoin="round" d="M6 18L18 6M6 6l12 12"/>\n </svg>\n </div>\n <h1>Authorization Failed</h1>\n <p class="reason">${e}</p>\n </div>\n</body>\n</html>`}E(ke,{login:()=>Ie});var Te,Ue,Ae,ze,He=I({"src/auth/login.ts"(){re(),ne(),je=19275,xe="/callback"}});function De(e,t=0){if(t>5)return"[depth-limit]";if("string"==typeof e){for(const t of Ae)if(t.test(e.trim()))return"[redacted]";return e.length>ze?e.slice(0,ze)+"…":e}if(Array.isArray(e))return e.slice(0,20).map(e=>De(e,t+1));if(null!==e&&"object"==typeof e){const r={};for(const[i,n]of Object.entries(e)){const e=i.toLowerCase();Te.has(e)?r[i]="[redacted]":Ue.has(e)?r[i]="string"==typeof n?"[content]":De(n,t+1):r[i]=De(n,t+1)}return r}return e}function Re(e){return De(e)}var Ce,Pe,Me,qe,$e,Ne=I({"src/middleware/audit.ts"(){Te=new Set(["access_token","refresh_token","password","api_key","secret","token","authorization","credential","credentials","private_key"]),Ue=new Set(["body","description","content","notes","summary","title","system_prompt","prompt"]),Ae=[/^[^\s@]+@[^\s@]+\.[^\s@]+$/,/^bearer\s+\S+$/i,/^(sk|pk|npm|gh|glpat|xoxb|xoxp|rk|SG\.)[-_][A-Za-z0-9_-]{16,}/,/^eyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$/],ze=200}}),Le=I({"src/middleware/rate-limiter.ts"(){Ce=60,Pe=6e4}});function We(){const e=process.env.ATOMS_MCP_PROJECT_ID?.trim();return e?Me.test(e)?e:(qe||(process.stderr.write(`[atoms-mcp] WARNING: ATOMS_MCP_PROJECT_ID="${e.slice(0,50)}" is not a valid UUID — scope ignored.\n`),qe=!0),null):null}var Ve,Fe=I({"src/middleware/project-scope.ts"(){Me=/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i,qe=!1,$e=class extends Error{expectedProjectId;receivedProjectId;constructor(e,t){super("Tool call rejected: project_id is outside the configured ATOMS_MCP_PROJECT_ID scope."),this.name="ProjectScopeError",this.expectedProjectId=e,this.receivedProjectId=t}}}});function Be(e){const t=function(e){return e.trim().toLowerCase().replace(/[^a-z0-9]+/g,"_").replace(/^_+|_+$/g,"")}(e??"");return t?t.includes("cursor")?"cursor":t.includes("copilot")?"copilot":t.includes("claude")?Ve:t:Ve}var Je,Qe,Ge,Ye,Ke,Ze,Xe=I({"src/core/client-identity.ts"(){Ve="claude_desktop"}}),et=I({"src/core/timestamps.ts"(){Je=o.z.string().datetime({offset:!0})}}),tt={};function rt(e,t=Ge){if("string"!=typeof e)return"";const r=e.replace(Ke,"").replace(Ze,"");return r.length<=t?r:r.slice(0,t)+"..."}function it(e){return"string"!=typeof e?"":e.trim().toLowerCase().replace(/\s+/g,"-").replace(/[^a-z0-9-]/g,"").replace(/-+/g,"-").replace(/^-|-$/g,"")}function nt(e,t){return{status:"success",data:e,...t?{meta:t}:{}}}function at(e,t,r){return{total_count:e,limit:t,offset:r,has_more:r+t<e}}function st(e,t){return{status:"error",message:e,next_steps:t}}function ot(e,t){return st(`${e} '${rt(t)}' not found`,[`Verify the ${e.toLowerCase()} ID is correct`,"Use atoms_list_items or atoms_search to find valid IDs"])}function dt(e){return st(`${e} role cannot modify project data`,["Contact your org admin to upgrade your role to editor","Use read-only tools (atoms_list_items, atoms_get_item, atoms_search) instead"])}function ct(e){return st(`Validation error: ${rt(e,Ye)}`,["Check the parameter types and constraints in the tool description","Ensure all required parameters are provided"])}function lt(){return st("Not authenticated. Run 'npx @atoms-tech/atoms-mcp login' first.",["Run: npx @atoms-tech/atoms-mcp login","Or set ATOMS_ACCESS_TOKEN environment variable"])}function mt(){return st("Your ATOMS session token expired and could not be refreshed automatically.",["Call atoms_status() — it will refresh the token if possible","If that still reports 'expired', restart Claude Desktop (quit and reopen)","If the problem persists, run: npx @atoms-tech/atoms-mcp logout && npx @atoms-tech/atoms-mcp login"])}function pt(e){return st("Tool call rejected: project_id is outside the configured ATOMS_MCP_PROJECT_ID scope.",[`This MCP session is bound to project ${e}`,"Pass that project_id, or restart without ATOMS_MCP_PROJECT_ID to access other projects"])}function ut(e){return st("Rate limited: too many requests to ATOMS API.",[e?`Wait ${e} seconds before retrying.`:"Wait a few seconds before retrying.","Reduce the frequency of back-to-back tool calls"])}function _t(e){return st(`Parse error: ${rt(e,Ye)}`,["Check that body/title/summary fields contain valid text (no unexpected control characters)","If the content was generated programmatically, validate the string before passing it","Simplify the content and retry — if it succeeds, the original content has a malformed character"])}function ft(e){return/stale_item_write|sqlstate\s*40001|\b40001\b|could not serialize access/i.test(e)}function ht(){return st("Stale write rejected: this item changed after it was read.",["Call atoms_get_item again and use the returned metadata.updated_at value","Review the current item before retrying so you do not overwrite newer work","Retry atoms_update_item or atoms_link_items with the fresh expected timestamp"])}function gt(e){const t=e instanceof Error?e.message:String(e);return/not authenticated/i.test(t)?lt():/jwt\s*expired|invalid.?jwt|token.*(?:has\s+)?expired|jwt.*invalid|pgrst301/i.test(t)?mt():/rate.?limit|too many requests|429/i.test(t)?ut():ft(t)?ht():/invalid input syntax|invalid json|unexpected token|malformed|json parse/i.test(t)?_t(t):yt(t)}function yt(e){return/row.level security|permission denied for/i.test(e)?st("Permission denied: your account does not have write access to this project.",["Verify you have editor or admin role in this project","Contact your org admin to upgrade your permissions","Use atoms_list_projects to confirm the project_id is one you have access to"]):st(`Database error: ${rt(e,Ye)}`,["This may be a temporary issue — try again","If the error persists, check that the project_id is valid"])}function bt(e){return null==e?e:`<user_content>${e}</user_content>`}function wt(e){const t=JSON.stringify(e,null,2);if(t.length>Qe&&"success"===e.status&&Array.isArray(e.data)){const t=Math.max(1,Math.floor(e.data.length/2)),r={...e,data:e.data.slice(0,t),meta:{...e.meta,truncated:!0,truncation_message:`Response truncated from ${e.data.length} to ${t} items. Use 'offset' parameter or add filters to see more results.`}};return{content:[{type:"text",text:JSON.stringify(r,null,2)}],structuredContent:r}}return{content:[{type:"text",text:t}],structuredContent:e}}function vt(e){return{content:[{type:"text",text:JSON.stringify(e,null,2)}],structuredContent:e,isError:!0}}E(tt,{CHARACTER_LIMIT:()=>Qe,accessDeniedError:()=>dt,authError:()=>lt,classifyError:()=>gt,dbError:()=>yt,errorResponse:()=>st,formatErrorResult:()=>vt,formatToolResult:()=>wt,isStaleWriteErrorMessage:()=>ft,jwtExpiredError:()=>mt,notFoundError:()=>ot,paginationMeta:()=>at,parseError:()=>_t,rateLimitError:()=>ut,sanitizeForEcho:()=>rt,sanitizeTagOrLevel:()=>it,scopeError:()=>pt,staleWriteError:()=>ht,success:()=>nt,validationError:()=>ct,wrapUserContent:()=>bt});var jt,xt=I({"src/tools/_base.ts"(){Qe=25e3,Ge=50,Ye=200,Ke=new RegExp("[\\u0000-\\u001F\\u007F]","g"),Ze=new RegExp("[\\u200B-\\u200F\\u202A-\\u202E\\u2060-\\u206F\\uFEFF]","g")}});var St=I({"src/apps/register.ts"(){jt={resourceDomains:["fonts.googleapis.com","fonts.gstatic.com"]}}});async function kt(e,t,r){let i=e.from("items").select("*",{count:"exact"}).eq("project_id",t).is("deleted_at",null).order("created_at",{ascending:!0});r.type&&(i=i.eq("type",r.type)),r.domain&&(i=i.filter("data->tags->domains","cs",JSON.stringify([r.domain]))),r.level&&(i=i.filter("data->tags->>level","eq",r.level)),i=i.range(r.offset,r.offset+r.limit-1);const{data:n,error:a,count:s}=await i;if(a)throw new Error(a.message);return{items:n??[],totalCount:s??0}}async function It(e,t,r){const{data:i,error:n}=await e.from("items").select("*").eq("id",r).eq("project_id",t).is("deleted_at",null).maybeSingle();if(n)throw new Error(n.message);return i}async function Et(e,t){if(t.baseline_id&&t.as_of)throw new Error("baseline_id and as_of are mutually exclusive");if(t.as_of)return t.as_of;if(t.baseline_id){const{data:r,error:i}=await e.from("baselines").select("project_id, snapshot_at, deleted_at").eq("id",t.baseline_id).maybeSingle();if(i)throw new Error(`resolveSnapshotAt: ${i.message}`);if(!r||null!==r.deleted_at)throw new Error(`Baseline not found: ${t.baseline_id}`);if(r.project_id!==t.project_id)throw new Error("Baseline does not belong to this project");return r.snapshot_at}return null}async function Ot(e,t){const{data:r,error:i}=await e.from("baselines").select("id, project_id, name, description, snapshot_at, created_at, created_by, locked_at, locked_by, deleted_at").eq("id",t).maybeSingle();if(i)throw new Error(`getBaselineById: ${i.message}`);return r&&null===r.deleted_at?r:null}function Tt(e){return{id:e.id,project_id:e.project_id,type:e.type,title:e.title,data:e.data,created_by:e.changed_by,updated_by:e.changed_by,created_at:e.valid_from,updated_at:e.valid_from,deleted_at:null}}async function Ut(e,t,r){const{data:i,error:n}=await e.rpc("project_state_at",{p_project_id:t,p_snapshot_at:r});if(n)throw new Error(`projectStateAt: ${n.message}`);return i??[]}async function At(e,t,r,i){const n=r.trim();if(!n)return{items:[],totalCount:0};let a=null;if(i.asset&&i.asset.trim()){const{data:r,error:n}=await e.from("test_results").select("item_id").eq("project_id",t).eq("asset",i.asset.trim());if(n)throw new Error(n.message);const s=new Set;for(const e of r??[])s.add(e.item_id);if(a=Array.from(s),0===a.length)return{items:[],totalCount:0}}let s=e.from("items").select("*",{count:"exact"}).eq("project_id",t).is("deleted_at",null).or(`title.ilike.%${n}%,data->>body.ilike.%${n}%,data->>summary.ilike.%${n}%`).limit(i.limit);i.type&&(s=s.eq("type",i.type)),a&&(s=s.in("id",a));const{data:o,error:d,count:c}=await s;if(d)throw new Error(d.message);return{items:o??[],totalCount:c??0}}function zt(e,t){const r=new Set(e.map(e=>e.id)),i=new Set,n=[],a=(e,t,a)=>{if(e===t)return;if(!r.has(e)||!r.has(t))return;const s=`${e}|${t}|${a}`;i.has(s)||(i.add(s),n.push({from_id:e,to_id:t,type:a}))};for(const e of t)a(e.from_id,e.to_id,e.type);for(const t of e){const e=t.data?.relationships??{},r=t=>Array.isArray(e[t])?e[t].filter(e=>"string"==typeof e):[];for(const e of r("parents"))a(t.id,e,"parent");for(const e of r("children"))a(t.id,e,"child");for(const e of r("related"))a(t.id,e,"related");for(const e of r("verifies"))a(t.id,e,"verifies");for(const e of r("verified_by"))a(t.id,e,"verified_by")}return n}async function Ht(e,t,r){const i="requirement"===r?"REQ":"test-case"===r?"TC":"note"===r?"NOTE":"TABLE",{data:n,error:a}=await e.rpc("next_item_id",{p_project_id:t,p_prefix:i});if(a)throw new Error(`ID generation failed: ${a.message}`);return n}var Dt=I({"src/db/queries.ts"(){}}),Rt={};async function Ct(){try{const e=await ye(async()=>{const e=await fe();return await async function(e){const{data:t,error:r}=await e.from("projects").select("id, name, description, org_id, created_at, organizations(name)").is("deleted_at",null).order("created_at",{ascending:!1});if(r)throw new Error(r.message);return(t??[]).map(e=>({id:e.id,name:e.name,description:e.description,org_id:e.org_id,org_name:e.organizations?.name??"Unknown",created_at:e.created_at}))}(e)}),t=We(),r=R,i=M().project_scope,n=i?new Set(i):null;return wt(nt(e.filter(e=>!r||e.org_id===r).filter(e=>!t||e.id===t).filter(e=>!n||n.has(e.id)).map(e=>({id:e.id,name:e.name,description:e.description,org_id:e.org_id,org_name:e.org_name,created_at:e.created_at}))))}catch(e){return vt(gt(e))}}E(Rt,{listProjectsHandler:()=>Ct});var Pt=I({"src/tools/list-projects.ts"(){Se(),Dt(),Fe(),q(),xt()}}),Mt={};async function qt(e){try{const t=await fe();let r,i,n=null;try{n=await Et(t,{baseline_id:e.baseline_id,as_of:e.as_of,project_id:e.project_id})}catch(e){return vt(yt(e.message))}if(n){const a=(await Ut(t,e.project_id,n)).filter(t=>{if(e.type&&t.type!==e.type)return!1;const r=t.data??{};if(e.domain){const t=r?.tags?.domains??[];if(!Array.isArray(t)||!t.includes(e.domain))return!1}return!e.level||r?.tags?.level===e.level});i=a.length,r=a.slice(e.offset,e.offset+e.limit).map(e=>({id:e.id,title:e.title,type:e.type,data:e.data}))}else{const n=await kt(t,e.project_id,{type:e.type,domain:e.domain,level:e.level,limit:e.limit,offset:e.offset});r=n.items,i=n.totalCount}return wt(nt(r.map(e=>({id:e.id,title:bt(e.title),type:e.type,status:e.data?.status,domains:e.data?.tags?.domains??[],level:e.data?.tags?.level})),at(i,e.limit,e.offset)))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}E(Mt,{listItemsHandler:()=>qt});var $t=I({"src/tools/list-items.ts"(){Se(),Dt(),xt()}}),Nt={};async function Lt(e){try{const t=await fe();let r=null;try{r=await Et(t,{baseline_id:e.baseline_id,as_of:e.as_of,project_id:e.project_id})}catch(e){return vt(st(e.message,["Pass baseline_id OR as_of, not both"]))}const i=r?await async function(e,t,r,i){const{data:n,error:a}=await e.rpc("item_state_at",{p_item_id:r,p_project_id:t,p_snapshot_at:i});if(a)throw new Error(`itemStateAt: ${a.message}`);return(n??[])[0]??null}(t,e.project_id,e.item_id,r).then(e=>e?Tt(e):null):await It(t,e.project_id,e.item_id);if(!i)return vt(ot("Item",e.item_id));const n={parents:[],children:[],related:[],verified_by:[],verifies:[]};if(r){const e=i.data?.relationships??{};for(const t of Object.keys(n)){const r=e[t];Array.isArray(r)&&(n[t]=r.slice())}}else{const r=await async function(e,t,r){const{data:i,error:n}=await e.from("item_relationships").select("from_id, to_id, type").eq("project_id",t).or(`from_id.eq.${r},to_id.eq.${r}`);if(n)throw new Error(n.message);return i??[]}(t,e.project_id,e.item_id),a={parent:"parents",child:"children",related:"related",verifies:"verifies",verified_by:"verified_by"},s={parent:"children",child:"parents",verified_by:"verifies",verifies:"verified_by",related:"related"},o=(e,t)=>{if(!(e in n))return;const r=n[e];r.includes(t)||r.push(t)},d=new Set([e.item_id]);for(const e of r)d.add(e.from_id),d.add(e.to_id);const c=i.data?.relationships??{};for(const e of Object.keys(n)){const t=c[e];if(Array.isArray(t))for(const e of t)"string"==typeof e&&d.add(e)}let l=new Set([e.item_id]);const m=Array.from(d);if(m.length>0){const{data:r,error:i}=await t.from("items").select("id").eq("project_id",e.project_id).is("deleted_at",null).in("id",m);if(i)throw new Error(i.message);l=new Set((r??[]).map(e=>e.id)),l.add(e.item_id)}const p=e=>l.has(e);for(const t of r)if(t.from_id===e.item_id){if(!p(t.to_id))continue;o(a[t.type]??t.type,t.to_id)}else{if(!p(t.from_id))continue;o(s[t.type]??t.type,t.from_id)}for(const t of Object.keys(n)){const r=c[t];if(Array.isArray(r))for(const i of r)"string"==typeof i&&i!==e.item_id&&p(i)&&o(t,i)}}let a=[];if("test-case"===i.type)if(r)a=(i.data?.runs??[]).map(e=>({result:e.result??"not-run",run_by:e.by??e.run_by??null,run_at:e.date??e.run_at??"",note:e.note??null})).filter(e=>"string"==typeof e.run_at&&e.run_at.length>0).sort((e,t)=>t.run_at.localeCompare(e.run_at)).slice(0,20).map(e=>({result:e.result,run_by:e.run_by,run_at:e.run_at,note:e.note}));else{const{data:r,error:i}=await t.from("test_results").select("result, run_by, run_at, note").eq("item_id",e.item_id).eq("project_id",e.project_id).order("run_at",{ascending:!1}).limit(20);!i&&r&&(a=r)}return wt(nt({id:i.id,type:i.type,title:bt(i.title),summary:bt(i.data?.summary),body:bt(i.data?.body),tags:i.data?.tags??{domains:[]},ownership:i.data?.ownership??{primary:null,additional:[]},relationships:n,links:i.data?.links??[],status:i.data?.status,..."test-case"===i.type?{latest_result:a[0]?.result??"not-run",test_results:a}:{},metadata:{created_at:i.created_at,created_by:i.created_by,updated_at:i.updated_at,updated_by:i.updated_by,source_id:i.data?.metadata?.source_id}}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}E(Nt,{getItemHandler:()=>Lt});var Wt=I({"src/tools/get-item.ts"(){Se(),Dt(),xt()}}),Vt={};async function Ft(e){try{const t=await fe();let r,i,n=null;try{n=await Et(t,{baseline_id:e.baseline_id,project_id:e.project_id})}catch(e){return vt(yt(e.message))}if(n){const a=await Ut(t,e.project_id,n),s=e.query.trim().toLowerCase(),o=0===s.length?[]:a.filter(t=>{if(e.type&&t.type!==e.type)return!1;const r=t.data??{};return[t.title,r?.body,r?.summary].filter(e=>"string"==typeof e).map(e=>e.toLowerCase()).some(e=>e.includes(s))});i=o.length,r=o.slice(0,e.limit).map(e=>({id:e.id,title:e.title,type:e.type,data:e.data}))}else{const n=await At(t,e.project_id,e.query,{type:e.type,limit:e.limit,asset:e.asset});r=n.items,i=n.totalCount}return wt(nt(r.map(e=>({id:e.id,title:bt(e.title),type:e.type,status:e.data?.status,domains:e.data?.tags?.domains??[],level:e.data?.tags?.level})),at(i,e.limit,0)))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}E(Vt,{searchHandler:()=>Ft});var Bt=I({"src/tools/search.ts"(){Se(),Dt(),xt()}}),Jt={};async function Qt(e){try{const t=await fe(),{access_token:r}=await se(),{items:i,totalCount:n}=await async function(e,t,r,i){const{ATOMS_SUPABASE_URL:n,ATOMS_SUPABASE_ANON_KEY:a}=await Promise.resolve().then(()=>(ne(),ie)),s=await fetch(`${n}/functions/v1/embed`,{method:"POST",headers:{"Content-Type":"application/json",Authorization:`Bearer ${i.accessToken}`,apikey:a},body:JSON.stringify({input:r})});if(!s.ok)throw new Error(`Embed function failed: ${s.status}`);const{embedding:o}=await s.json(),{data:d,error:c}=await e.rpc("semantic_search",{query_embedding:o,p_project_id:t,match_threshold:.3,match_count:i.limit,p_type:i.type||null});if(c)throw new Error(c.message);return{items:d??[],totalCount:(d??[]).length,method:"semantic"}}(t,e.project_id,e.query,{type:e.type,limit:e.limit,accessToken:r});return wt(nt(i.map(e=>({id:e.id,title:bt(e.title),type:e.type,status:e.data?.status,domains:e.data?.tags?.domains??[],level:e.data?.tags?.level})),at(n,e.limit,0)))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}E(Jt,{semanticSearchHandler:()=>Qt});var Gt=I({"src/tools/semantic-search.ts"(){Se(),ue(),Dt(),xt()}}),Yt={};async function Kt(e){try{if(e.baseline_id&&e.as_of)return vt(ct("baseline_id and as_of are mutually exclusive"));const t=await fe();let r;if(e.baseline_id){const i=await Ot(t,e.baseline_id);if(!i)return vt(ct(`Baseline ${e.baseline_id} not found`));if(i.project_id!==e.project_id)return vt(ct("Baseline does not belong to this project"));r=i.snapshot_at}else e.as_of&&(r=e.as_of);const{covered:i,uncovered:n,total:a}=await async function(e,t,r){let i,n,a;if(r.snapshotAt){const s=(await Ut(e,t,r.snapshotAt)).map(Tt);i=s.filter(e=>"requirement"===e.type),n=s.map(e=>({id:e.id,data:e.data})),a=[]}else{const{data:r,error:s}=await e.from("items").select("*").eq("project_id",t).eq("type","requirement").is("deleted_at",null);if(s)throw new Error(s.message);i=r??[];const{data:o,error:d}=await e.from("items").select("id, data").eq("project_id",t).is("deleted_at",null);if(d)throw new Error(d.message);n=o??[];const{data:c,error:l}=await e.from("item_relationships").select("from_id, to_id, type").eq("project_id",t);if(l)throw new Error(l.message);a=c??[]}const s=i.filter(e=>!(r.domain&&!(e.data?.tags?.domains??[]).includes(r.domain)||r.level&&e.data?.tags?.level!==r.level)),o=zt(n,a),d=new Set;for(const e of o)"verifies"===e.type?d.add(e.to_id):"verified_by"===e.type&&d.add(e.from_id);return{covered:s.filter(e=>d.has(e.id)),uncovered:s.filter(e=>!d.has(e.id)),total:s.length}}(t,e.project_id,{domain:e.domain,level:e.level,snapshotAt:r}),s=n.map(e=>({id:e.id,title:e.title,type:e.type,status:e.data?.status,domains:e.data?.tags?.domains??[],level:e.data?.tags?.level}));return wt(nt({covered:i.length,uncovered:n.length,total:a,coverage_percent:a>0?Math.round(i.length/a*1e3)/10:100,uncovered_items:s}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}E(Yt,{getCoverageHandler:()=>Kt});var Zt=I({"src/tools/get-coverage.ts"(){Se(),Dt(),xt()}}),Xt={};async function er(e){try{const t=await fe(),r=await async function(e,t,r,i){const{data:n,error:a}=await e.from("change_history").select("*").eq("item_id",r).eq("project_id",t).order("changed_at",{ascending:!1}).limit(i);if(a)throw new Error(a.message);return n??[]}(t,e.project_id,e.item_id,e.limit),i=r.map(e=>{const t=[],r=e.old_data,i=e.new_data;if(r&&i){const e=new Set([...Object.keys(r),...Object.keys(i)]);for(const n of e)JSON.stringify(r[n])!==JSON.stringify(i[n])&&t.push(n)}else i?t.push("(created)"):r&&t.push("(deleted)");return{id:e.id,event_type:e.event_type,changed_by:e.changed_by??null,changed_at:e.changed_at,actor:e.actor??"user",session_id:e.session_id??null,fields_changed:t}});return wt(nt(i,at(i.length,e.limit,0)))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}E(Xt,{getHistoryHandler:()=>er});var tr=I({"src/tools/get-history.ts"(){Se(),Dt(),xt()}}),rr={};async function ir(e){try{if(e.baseline_id&&e.as_of)return vt(ct("baseline_id and as_of are mutually exclusive"));const t=await fe();let r,i,n;if(e.baseline_id){const i=await Ot(t,e.baseline_id);if(!i)return vt(ct(`Baseline ${e.baseline_id} not found`));if(i.project_id!==e.project_id)return vt(ct("Baseline does not belong to this project"));r=i.snapshot_at}else e.as_of&&(r=e.as_of);if(r){i=(await Ut(t,e.project_id,r)).map(Tt).map(e=>({id:e.id,title:e.title,type:e.type,data:e.data})),n=zt(i,[])}else{const{data:r,error:a}=await t.from("items").select("id, title, type, data").eq("project_id",e.project_id).is("deleted_at",null);if(a)throw new Error(a.message);i=r??[];const{data:s,error:o}=await t.from("item_relationships").select("from_id, to_id, type").eq("project_id",e.project_id);if(o)throw new Error(o.message);n=zt(i,s??[])}if(0===i.length)return wt(nt({mermaid:"graph TD\n empty[No items in project]"}));const a=new Map;for(const e of i)a.set(e.id,e);const s=["graph TD"],o=new Set,d=new Set,c=(new Set((n??[]).filter(e=>"child"===e.type).map(e=>e.to_id)),new Set((n??[]).filter(e=>"parent"===e.type).map(e=>e.from_id)));let l;l=e.root_item_id?[e.root_item_id]:i.filter(e=>!c.has(e.id)).filter(t=>!(!e.include_tests&&"test-case"===t.type)).map(e=>e.id);const m=l.map(e=>({id:e,depth:0}));for(;m.length>0;){const{id:t,depth:r}=m.shift();if(o.has(t)||r>e.depth)continue;o.add(t);const i=a.get(t);if(!i)continue;if(!e.include_tests&&"test-case"===i.type)continue;const c=nr(i.title),l="requirement"===i.type?`["${c}"]`:"test-case"===i.type?`(["${c}"])`:`("${c}")`;s.push(` ${t}${l}`);for(const i of n??[]){if(i.from_id!==t)continue;const n=a.get(i.to_id);if(!n)continue;if(!e.include_tests&&"test-case"===n.type)continue;const c=`${i.from_id}-${i.type}-${i.to_id}`;d.has(c)||(d.add(c),"child"===i.type?s.push(` ${t} --\x3e ${i.to_id}`):"verified_by"===i.type?s.push(` ${t} -.->|verified_by| ${i.to_id}`):"related"===i.type&&s.push(` ${t} -.- ${i.to_id}`),!o.has(i.to_id)&&r+1<=e.depth&&m.push({id:i.to_id,depth:r+1}))}}return wt(nt({mermaid:s.join("\n"),node_count:o.size,edge_count:d.size}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}function nr(e){return e.replace(/"/g,"'").replace(/[[\]{}()]/g,"").substring(0,50)}E(rr,{exportMermaidHandler:()=>ir});var ar=I({"src/tools/export-mermaid.ts"(){Se(),Dt(),xt()}}),sr={};async function or(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return vt(dt("Viewer"));throw e}const i=(e.domains??[]).map(it).filter(e=>e.length>0),n=void 0!==e.level?it(e.level):void 0;if(i.length>0){const{data:r}=await t.from("metadata").select("domains").eq("project_id",e.project_id).maybeSingle(),n=r?.domains??[];if(n.length>0){const e=new Set(n.map(it).filter(e=>e.length>0)),t=i.filter(t=>!e.has(t));if(t.length>0)return vt(ct(`Unknown domain${t.length>1?"s":""}: ${t.join(", ")}. Registered: ${n.join(", ")}. Add new domains via Taxonomy Management in the ATOMS web app first.`))}}const a=await Ht(t,e.project_id,e.type),s=(new Date).toISOString(),o={id:a,type:e.type,title:e.title,summary:e.summary,body:e.body,tags:{domains:i,level:n??""},ownership:{primary:null,additional:[]},relationships:{parents:e.parent_ids??[],children:[],related:[]},links:[],metadata:{created_at:s,created_by:r,updated_at:s,updated_by:r}},{error:d}=await t.rpc("save_item_with_revision",{p_item_id:a,p_project_id:e.project_id,p_type:e.type,p_title:e.title,p_data:o,p_user_id:r,p_event_source:"mcp",p_event_session_id:Gi()??null,p_diff_summary:null});if(d)throw new Error(d.message);if(e.parent_ids&&e.parent_ids.length>0)for(const i of e.parent_ids){const{error:n}=await t.rpc("apply_link_change",{p_project_id:e.project_id,p_from_id:a,p_to_id:i,p_type:"parent",p_action:"add",p_user_id:r,p_event_source:"mcp"});n&&process.stderr.write(`[atoms-mcp] Warning: parent link sync failed for ${i}: ${n.message}\n`)}return await t.from("change_history").insert({item_id:a,project_id:e.project_id,changed_by:r,event_type:"created",old_data:null,new_data:o,actor:Yi(),session_id:Gi()}).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: change_history log failed: ${e.message}\n`)}),!1===e.echo?wt(nt({id:a,type:e.type})):wt(nt({id:a,type:e.type,title:e.title,summary:e.summary??"",body:e.body??"",domains:i,level:n??"",project_id:e.project_id}))}catch(e){return vt(gt(e))}}E(sr,{createItemHandler:()=>or});var dr=I({"src/tools/create-item.ts"(){Se(),Dt(),Zi(),xt()}}),cr={};async function lr(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return vt(dt("Viewer"));throw e}const i=async(i,n,a,s)=>{const o=await It(t,e.project_id,i);if(!o)return{updated_fields:[],error:`Item "${i}" not found`};const d=void 0!==n.domains?n.domains.map(it).filter(e=>e.length>0):void 0,c=void 0!==n.level?it(n.level):void 0;if(void 0!==d&&d.length>0){const{data:r}=await t.from("metadata").select("domains").eq("project_id",e.project_id).maybeSingle(),i=r?.domains??[];if(i.length>0){const e=new Set(i.map(it).filter(e=>e.length>0)),t=d.filter(t=>!e.has(t));if(t.length>0)return{updated_fields:[],error:`Unknown domains: ${t.join(", ")}`}}}const l={...o.data},m={...o.data},p=[],u=(e,t)=>JSON.stringify(e)!==JSON.stringify(t);if(void 0!==n.title&&u(o.data.title,n.title)&&(m.title=n.title,p.push("title")),void 0!==n.body&&u(o.data.body,n.body)&&(m.body=n.body,p.push("body")),void 0!==n.summary&&u(o.data.summary,n.summary)&&(m.summary=n.summary,p.push("summary")),void 0!==d&&u(o.data.tags?.domains??[],d)&&(m.tags={...m.tags,domains:d},p.push("domains")),void 0!==c&&u(o.data.tags?.level,c)&&(m.tags={...m.tags,level:c},p.push("level")),void 0!==n.status&&u(o.data.status,n.status)&&(m.status=n.status,p.push("status")),0===p.length)return{updated_fields:[],updatedData:o.data,itemType:o.type};m.metadata={...m.metadata,updated_at:(new Date).toISOString(),updated_by:r};const _=n.title??o.title,{data:f,error:h}=await t.rpc("save_item_with_revision",{p_item_id:i,p_project_id:e.project_id,p_type:o.type,p_title:_,p_data:m,p_user_id:r,p_event_source:"mcp",p_event_session_id:Gi()??null,p_diff_summary:null,p_expected_updated_at:n.expected_updated_at??o.updated_at});if(h)return{updated_fields:[],error:h.message};if(!f)return{updated_fields:[],error:`Update silently failed for "${i}" — RPC returned no row. Likely RLS policy denied the write; verify your role and project access.`};const g={item_id:i,project_id:e.project_id,changed_by:r,event_type:"updated",old_data:l,new_data:m,actor:Yi(),session_id:Gi()};return a&&(g.batch_id=a),s&&(g.reason=s),await t.from("change_history").insert(g).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: change_history log failed: ${e.message}\n`)}),{updated_fields:p,updatedData:m,itemType:o.type}};if(e.updates&&Array.isArray(e.updates)){const t=crypto.randomUUID(),r=!0===e.continue_on_error,n=[],a=[];for(const s of e.updates){const{updated_fields:o,error:d}=await i(s.item_id,s,t,e.reason);if(d){if(!r)return ft(d)?vt(gt(new Error(d))):vt(ct(`Batch stopped at "${s.item_id}": ${d}. ${n.length} item(s) already updated.`));a.push({item_id:s.item_id,error:d})}else n.push({id:s.item_id,updated_fields:o})}return wt(nt({batch_id:t,updated:n.length,results:!1===e.echo?void 0:n,errors:a}))}if(!e.item_id)return vt(ct("Provide either item_id (single) or updates[] (array form)."));const{updated_fields:n,updatedData:a,itemType:s,error:o}=await i(e.item_id,{title:e.title,body:e.body,summary:e.summary,domains:e.domains,level:e.level,status:e.status,expected_updated_at:e.expected_updated_at},void 0,e.reason);if(o)return o.includes("not found")?vt(ot("Item",e.item_id)):o.includes("Unknown domain")?vt(ct(o)):ft(o)?vt(gt(new Error(o))):vt(yt(o));if(!1===e.echo)return wt(nt({id:e.item_id,updated_fields:n}));const d=a??{};return wt(nt({id:e.item_id,type:s,title:d.title??"",summary:d.summary??"",body:d.body??"",domains:d.tags?.domains??[],level:d.tags?.level??"",updated_fields:n}))}catch(e){return vt(gt(e))}}E(cr,{updateItemHandler:()=>lr});var mr,pr,ur=I({"src/tools/update-item.ts"(){Se(),Dt(),Zi(),xt()}});function _r(e){const t=process.env.ATOMS_MCP_REQUIRE_CONFIRMATION?.trim();if(t){const r=t.toLowerCase();if("1"===r||"true"===r||"all"===r)return!0;if(t.split(",").map(e=>e.trim()).filter(Boolean).includes(e))return!0}return!!M().require_confirmation_for.includes(e)}function fr(e,t=mr){const r=Date.now()+t,i={...e,exp:r},n=Buffer.from(JSON.stringify(i)).toString("base64url");return{token:`${n}.${x.default.createHmac("sha256",pr).update(n).digest("base64url")}`,expires_at:new Date(r).toISOString(),expires_in_seconds:Math.round(t/1e3)}}function hr(e,t){if("string"!=typeof e||!e.includes("."))return{valid:!1,reason:"Token format invalid"};const[r,i]=e.split(".");if(!r||!i)return{valid:!1,reason:"Token format invalid"};const n=x.default.createHmac("sha256",pr).update(r).digest("base64url"),a=Buffer.from(i,"utf8"),s=Buffer.from(n,"utf8");if(a.length!==s.length||!x.default.timingSafeEqual(a,s))return{valid:!1,reason:"Token signature invalid"};let o;try{o=JSON.parse(Buffer.from(r,"base64url").toString("utf8"))}catch{return{valid:!1,reason:"Token payload malformed"}}return"number"!=typeof o.exp||o.exp<Date.now()?{valid:!1,reason:"Token expired"}:o.tool!==t.tool?{valid:!1,reason:"Token issued for a different tool"}:o.project_id!==t.project_id?{valid:!1,reason:"Token issued for a different project"}:o.target!==t.target?{valid:!1,reason:"Token issued for a different target"}:{valid:!0}}function gr(e){if(Array.isArray(e))return e.map(gr);if(null!==e&&"object"==typeof e){const t={};for(const r of Object.keys(e).sort())t[r]=gr(e[r]);return t}return e}function yr(e){const t=JSON.stringify(gr(e));return x.default.createHash("sha256").update(t).digest("base64url").slice(0,16)}var br,wr=I({"src/middleware/confirmation.ts"(){q(),mr=6e4,pr=(()=>{const e=process.env.ATOMS_MCP_CONFIRMATION_SECRET;return e&&e.length>=16?e:x.default.randomBytes(32).toString("base64url")})()}}),vr={};async function jr(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return vt(dt("Viewer"));throw e}const i=await async function(e,t,r){const{data:i,error:n}=await e.from("items").select("*").eq("id",r).eq("project_id",t).maybeSingle();if(n)throw new Error(n.message);return i}(t,e.project_id,e.item_id);if(!i)return vt(ot("Item",e.item_id));if(i.deleted_at)return vt(ct(`Item ${e.item_id} is already deleted`));if(_r(br)){const t={tool:br,project_id:e.project_id,target:e.item_id};if(!e.confirmation_token){const r=fr(t);return wt(nt({status:"confirmation_required",preview:{id:e.item_id,title:i.title,type:i.type,would_soft_delete:!0},confirmation_token:r.token,expires_at:r.expires_at,expires_in_seconds:r.expires_in_seconds,message:`Re-call atoms_delete_item with the same project_id, item_id, and confirmation_token within ${r.expires_in_seconds}s to execute.`}))}const r=hr(e.confirmation_token,t);if(!r.valid)return vt(ct(`confirmation_token rejected: ${r.reason}`))}const{error:n}=await t.from("items").update({deleted_at:(new Date).toISOString()}).eq("id",e.item_id).eq("project_id",e.project_id);if(n)throw new Error(n.message);return await t.from("change_history").insert({item_id:e.item_id,project_id:e.project_id,changed_by:r,event_type:"deleted",old_data:i.data,new_data:null,actor:Yi(),session_id:Gi()}).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: change_history log failed: ${e.message}\n`)}),wt(nt({id:e.item_id,title:i.title,type:i.type,deleted:!0,message:`Item ${e.item_id} soft-deleted. It can still be found in audit logs.`}))}catch(e){return vt(gt(e))}}E(vr,{deleteItemHandler:()=>jr});var xr=I({"src/tools/delete-item.ts"(){Se(),Dt(),Zi(),wr(),xt(),br="atoms_delete_item"}}),Sr={};async function kr(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return vt(dt("Viewer"));throw e}const{data:i,error:n}=await t.from("items").select("*").eq("id",e.item_id).eq("project_id",e.project_id).maybeSingle();if(n)throw new Error(n.message);if(!i)return vt(ot("Item",e.item_id));if(!i.deleted_at)return vt(st(`Item ${e.item_id} is not deleted and cannot be restored.`,["Use atoms_get_item to view the current item state","Use atoms_delete_item first if you intended to delete it"]));const{error:a}=await t.from("items").update({deleted_at:null}).eq("id",e.item_id).eq("project_id",e.project_id);if(a)throw new Error(a.message);return await t.rpc("repair_live_item_relationships_from_jsonb",{p_project_id:e.project_id,p_item_id:e.item_id}).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: relationship repair failed: ${e.message}\n`)}),await t.from("change_history").insert({item_id:e.item_id,project_id:e.project_id,changed_by:r,event_type:"restored",old_data:null,new_data:i.data,actor:Yi(),session_id:Gi()}).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: change_history log failed: ${e.message}\n`)}),wt(nt({id:e.item_id,title:i.title,type:i.type,restored:!0,message:`Item ${e.item_id} restored successfully.`}))}catch(e){return vt(gt(e))}}E(Sr,{restoreItemHandler:()=>kr});var Ir=I({"src/tools/restore-item.ts"(){Se(),Zi(),xt()}}),Er={};async function Or(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return vt(dt("Viewer"));throw e}const i=async(i,n,a)=>{const s=await It(t,e.project_id,i.from_id);if(!s)throw new Error(`Item "${i.from_id}" not found`);const o=await It(t,e.project_id,i.to_id);if(!o)throw new Error(`Item "${i.to_id}" not found`);const{error:d}=await t.rpc("apply_link_change",{p_project_id:e.project_id,p_from_id:i.from_id,p_to_id:i.to_id,p_type:i.type,p_action:i.action,p_user_id:r,p_event_source:"mcp",p_expected_from_updated_at:i.expected_from_updated_at??s.updated_at,p_expected_to_updated_at:i.expected_to_updated_at??o.updated_at});if(d)throw new Error(d.message);const c={item_id:i.from_id,project_id:e.project_id,changed_by:r,event_type:"updated",old_data:null,new_data:{relationship_change:{action:i.action,type:i.type,from:i.from_id,to:i.to_id}},actor:Yi(),session_id:Gi()};n&&(c.batch_id=n),a&&(c.reason=a),await t.from("change_history").insert(c).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: change_history log failed: ${e.message}\n`)})};if(e.operations&&Array.isArray(e.operations)){for(const t of e.operations)if(t.from_id===t.to_id)return vt(ct(`Self-reference in batch: "${t.from_id}"`));const r=[...new Set(e.operations.flatMap(e=>[e.from_id,e.to_id]))],{data:n}=await t.from("items").select("id").eq("project_id",e.project_id).is("deleted_at",null).in("id",r),a=new Set((n??[]).map(e=>e.id)),s=r.filter(e=>!a.has(e));if(s.length>0)return vt(ot("Items",s.join(", ")));const{data:o}=await t.from("item_relationships").select("from_id, to_id, type").eq("project_id",e.project_id),d=new Map;for(const e of o??[])"parent"===e.type&&(d.has(e.from_id)||d.set(e.from_id,new Set),d.get(e.from_id).add(e.to_id));for(const t of e.operations){if("parent"!==t.type&&"child"!==t.type)continue;const[e,r]="parent"===t.type?[t.from_id,t.to_id]:[t.to_id,t.from_id];"remove"===t.action?d.get(e)?.delete(r):(d.has(e)||d.set(e,new Set),d.get(e).add(r))}const c=0,l=1,m=2,p=new Map,u=new Set;for(const[e,t]of d){u.add(e);for(const e of t)u.add(e)}const _=e=>{if((p.get(e)??c)!==c)return null;const t=[],r=[],i=e=>{p.set(e,l),r.push(e),t.push({node:e,parents:[...d.get(e)??[]],idx:0})};for(i(e);t.length>0;){const e=t[t.length-1];if(e.idx>=e.parents.length){p.set(e.node,m),r.pop(),t.pop();continue}const n=e.parents[e.idx];e.idx++;const a=p.get(n)??c;if(a===l){const e=r.indexOf(n);return[...r.slice(e),n]}a!==m&&i(n)}return null};for(const e of u){const t=_(e);if(t)return vt(ct(`Batch would create a cycle: ${t.join(" -> ")}. No changes applied.`))}const f=crypto.randomUUID(),h=e.operations.filter(e=>"remove"===e.action),g=e.operations.filter(e=>"add"===e.action);for(const t of[...h,...g])await i(t,f,e.reason);return wt(nt({batch_id:f,processed:e.operations.length,operations:!1===e.echo?void 0:e.operations}))}return e.from_id&&e.to_id&&e.type&&e.action?e.from_id===e.to_id?vt(ct("Cannot create a relationship between an item and itself")):(await i({action:e.action,from_id:e.from_id,to_id:e.to_id,type:e.type,expected_from_updated_at:e.expected_from_updated_at,expected_to_updated_at:e.expected_to_updated_at},void 0,e.reason),!1===e.echo?wt(nt({action:e.action,from_id:e.from_id,to_id:e.to_id})):wt(nt({action:e.action,type:e.type,from_id:e.from_id,to_id:e.to_id,message:`Relationship ${"add"===e.action?"added":"removed"}: ${e.from_id} --[${e.type}]--\x3e ${e.to_id}`}))):vt(ct("Provide (from_id, to_id, type, action) for single-op or operations[] for batch."))}catch(e){return vt(gt(e))}}E(Er,{linkItemsHandler:()=>Or});var Tr=I({"src/tools/link-items.ts"(){Se(),Dt(),Zi(),xt()}}),Ur={};async function Ar(e){try{if(!e.items||0===e.items.length)return vt(ct("items array must contain at least 1 item"));if(e.items.length>100)return vt(ct(`Maximum 100 items per call (received ${e.items.length}). Split into multiple calls.`));const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return vt(dt("Viewer"));throw e}const i=await async function(e,t,r){const{data:i}=await e.from("metadata").select("domains").eq("project_id",t).maybeSingle(),n=i?.domains??[],a=n.length>0?new Set(n.map(it).filter(e=>e.length>0)):null,s=yr(n.map(it).filter(e=>e.length>0).sort()),o=[],d=new Set,c={};for(let e=0;e<r.length;e++){const t=r[e];if(c[t.type]=(c[t.type]??0)+1,!a)continue;const i=(t.domains??[]).map(it).filter(e=>e.length>0);if(0===i.length)continue;const s=i.filter(e=>!a.has(e));s.length>0&&(d.add(e),o.push({index:e,title:t.title,error:`Unknown domain${s.length>1?"s":""}: ${s.join(", ")}. Registered: ${n.join(", ")}.`}))}return{registeredDomains:n,registeredDomainHash:s,invalidDomainIndexes:d,errors:o,typeBreakdown:c}}(t,e.project_id,e.items);if(_r("atoms_bulk_import")){const t={tool:"atoms_bulk_import",project_id:e.project_id,target:yr({items:e.items,registered_domain_hash:i.registeredDomainHash})};if(!e.confirmation_token){const r=fr(t);return wt(nt({status:"confirmation_required",preview:{total_items:e.items.length,by_type:i.typeBreakdown,sample_titles:e.items.slice(0,5).map(e=>e.title),would_fail:i.errors.length>0,errors:i.errors,registered_domain_hash:i.registeredDomainHash},confirmation_token:r.token,expires_at:r.expires_at,expires_in_seconds:r.expires_in_seconds,message:`Re-call atoms_bulk_import with the same project_id, items array, and confirmation_token within ${r.expires_in_seconds}s to execute. Changing items or project domains will invalidate the token.`}))}const r=hr(e.confirmation_token,t);if(!r.valid)return vt(ct(`confirmation_token rejected: ${r.reason}`))}const n=(new Date).toISOString(),a=Gi(),s=[],o=[...i.errors],d=[];for(let r=0;r<e.items.length;r++){const n=e.items[r];if(i.invalidDomainIndexes.has(r))continue;const a=(n.domains??[]).map(it).filter(e=>e.length>0),s=void 0!==n.level?it(n.level):void 0;try{const i=await Ht(t,e.project_id,n.type);d.push({itemId:i,input:n,sanitizedDomains:a,sanitizedLevel:s,index:r})}catch(e){o.push({index:r,title:n.title,error:`ID generation failed: ${e instanceof Error?e.message:String(e)}`})}}if(0===d.length)return wt(nt({created:0,items:[],errors:o}));const c=[],l=new Map;for(const{itemId:t,input:i,sanitizedDomains:a,sanitizedLevel:s}of d){const o={id:t,type:i.type,title:i.title,summary:i.summary,body:i.body,tags:{domains:a,level:s??""},ownership:{primary:null,additional:[]},relationships:{parents:i.parent_id?[i.parent_id]:[],children:[],related:[]},links:[],metadata:{created_at:n,created_by:r,updated_at:n,updated_by:r}};l.set(t,o),c.push({id:t,project_id:e.project_id,type:i.type,title:i.title,data:o,created_by:r,updated_by:r})}const m=c.map(e=>({id:e.id,type:e.type,title:e.title,data:e.data})),{error:p}=await t.rpc("bulk_save_items_with_revisions",{p_project_id:e.project_id,p_items:m,p_user_id:r,p_event_source:"mcp"});if(p)for(const{itemId:i,input:n,index:l}of d){const d=c.find(e=>e.id===i);if(!d)continue;const{error:m}=await t.rpc("save_item_with_revision",{p_item_id:d.id,p_project_id:e.project_id,p_type:d.type,p_title:d.title,p_data:d.data,p_user_id:r,p_event_source:"mcp",p_event_session_id:a,p_diff_summary:null});m?o.push({index:l,title:n.title,error:m.message}):s.push({id:i,title:n.title,type:n.type})}else for(const{itemId:e,input:t}of d)s.push({id:e,title:t.title,type:t.type});const u=d.filter(({input:e})=>e.parent_id).filter(({itemId:e})=>s.some(t=>t.id===e)).map(({itemId:t,input:r})=>({from_id:t,to_id:r.parent_id,type:"parent",project_id:e.project_id}));if(u.length>0)for(const i of u){const{error:n}=await t.rpc("apply_link_change",{p_project_id:e.project_id,p_from_id:i.from_id,p_to_id:i.to_id,p_type:"parent",p_action:"add",p_user_id:r,p_event_source:"mcp"});n&&process.stderr.write(`[atoms-mcp] Warning: bulk parent link sync failed for ${i.to_id}: ${n.message}\n`)}const _=s.map(t=>({item_id:t.id,project_id:e.project_id,changed_by:r,event_type:"created",old_data:null,new_data:l.get(t.id)??null,actor:Yi(),session_id:a}));return _.length>0&&await t.from("change_history").insert(_).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: bulk change_history log failed: ${e.message}\n`)}),wt(nt({created:s.length,items:s,errors:o.length>0?o:[],project_id:e.project_id}))}catch(e){return vt(gt(e))}}E(Ur,{bulkImportHandler:()=>Ar});var zr=I({"src/tools/bulk-import.ts"(){Se(),Dt(),Zi(),wr(),xt()}}),Hr={};async function Dr(e){try{const t=await fe(),r=be(),i=we();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return vt(dt("Viewer"));throw e}const n=await It(t,e.project_id,e.item_id);if(!n)return vt(ot("Item",e.item_id));if("test-case"!==n.type)return vt(ct(`Item '${e.item_id}' is a ${n.type}, not a test-case`));const a=(e.asset??"").trim(),s=(new Date).toISOString(),{data:o,error:d}=await t.rpc("record_test_results_bulk",{p_project_id:e.project_id,p_item_id:e.item_id,p_run_by:i||r,p_actor_user_id:r,p_results:[{result:e.result,note:e.note,asset:a||void 0,date:s}]});if(d)throw new Error(d.message);const c=Array.isArray(o)?o[0]:o?.[0];await t.from("change_history").insert({item_id:e.item_id,project_id:e.project_id,changed_by:r,event_type:"test_result_recorded",old_data:null,new_data:{result:e.result,run_at:s,note:e.note,asset:a||null},actor:Yi(),session_id:Gi()}).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: change_history log failed: ${e.message}\n`)});const l=a?` (asset: ${a})`:"";return wt(nt({item_id:e.item_id,result:e.result,run_at:s,run_by:i||r,note:e.note??null,asset:a||null,asset_id:c?.asset_id??null,asset_created:c?.asset_created??!1,message:`Test result '${e.result}' recorded for ${e.item_id}${l}`}))}catch(e){return vt(gt(e))}}E(Hr,{recordTestResultHandler:()=>Dr});var Rr=I({"src/tools/record-test-result.ts"(){Se(),Dt(),Zi(),xt()}}),Cr={};async function Pr(e){try{const t=await fe(),r=be(),i=we();if(!Array.isArray(e.results)||0===e.results.length)return vt(ct("results must be a non-empty array"));if(e.results.length>100)return vt(ct(`results must have at most 100 entries (got ${e.results.length})`));try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return vt(dt("Viewer"));throw e}const n=await It(t,e.project_id,e.item_id);if(!n)return vt(ot("Item",e.item_id));if("test-case"!==n.type)return vt(ct(`Item '${e.item_id}' is a ${n.type}, not a test-case`));const{data:a,error:s}=await t.rpc("record_test_results_bulk",{p_project_id:e.project_id,p_item_id:e.item_id,p_run_by:i||r,p_actor_user_id:r,p_results:e.results});if(s)throw new Error(s.message);return t.from("change_history").insert({item_id:e.item_id,project_id:e.project_id,changed_by:r,event_type:"test_result_recorded",old_data:null,new_data:{bulk:!0,count:e.results.length,results:a},actor:Yi(),session_id:Gi()}).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: change_history log failed: ${e.message}\n`)}),wt(nt({item_id:e.item_id,count:e.results.length,results:a,message:`Recorded ${e.results.length} test results for ${e.item_id}`}))}catch(e){return vt(gt(e))}}E(Cr,{recordTestResultsBulkHandler:()=>Pr});var Mr,qr,$r,Nr,Lr=I({"src/tools/record-test-results-bulk.ts"(){Se(),Dt(),Zi(),xt()}}),Wr={};async function Vr(e){try{const t=Math.min(Math.max(e.depth??5,1),10),r=await fe(),i=await It(r,e.project_id,e.item_id);if(!i)return vt(ot("Item",e.item_id));const{data:n,error:a}=await r.from("items").select("id, title, type, data").eq("project_id",e.project_id).is("deleted_at",null);if(a)throw new Error(a.message);const{data:s,error:o}=await r.from("item_relationships").select("from_id, to_id, type").eq("project_id",e.project_id);if(o)throw new Error(o.message);const d=zt(n??[],s??[]),c=new Map;for(const e of n??[])c.set(e.id,{title:e.title,type:e.type});const l=new Map,m=(e,t,r)=>{l.has(e)||l.set(e,[]),l.get(e).push({neighbor:t,relType:r})},p=e.relationship_types?new Set(e.relationship_types):null;for(const t of d??[]){const r=t.type;if(("upstream"===e.direction||"both"===e.direction)&&(qr.includes(r)&&(p&&!p.has(r)||m(t.from_id,t.to_id,r)),$r.includes(r))){const e=Nr[r]??r;p&&!p.has(e)||m(t.to_id,t.from_id,e)}if(("downstream"===e.direction||"both"===e.direction)&&($r.includes(r)&&(p&&!p.has(r)||m(t.from_id,t.to_id,r)),qr.includes(r))){const e=Nr[r]??r;p&&!p.has(e)||m(t.to_id,t.from_id,e)}"related"===r&&(p&&!p.has("related")||(m(t.from_id,t.to_id,"related"),m(t.to_id,t.from_id,"related")))}const u=new Set;u.add(e.item_id);const _=[],f=[],h=[],g=l.get(e.item_id)??[];for(const t of g)h.push({id:t.neighbor,depth:1,relType:t.relType,from:e.item_id});for(;h.length>0&&_.length<Mr;){const{id:e,depth:r,relType:i,from:n}=h.shift();if(u.has(e)||r>t)continue;u.add(e);const a=c.get(e);if(a&&(_.push({id:e,title:a.title,type:a.type,relationship:i,depth:r,from:n}),f.push({from:n,to:e,type:i}),r<t)){const t=l.get(e)??[];for(const i of t)u.has(i.neighbor)||h.push({id:i.neighbor,depth:r+1,relType:i.relType,from:e})}}const y=c.get(e.item_id),b=y?{id:e.item_id,title:y.title,type:y.type,relationship:"root",depth:0,from:e.item_id}:{id:e.item_id,title:i.title??e.item_id,type:i.type??"unknown",relationship:"root",depth:0,from:e.item_id};return wt(nt({root:e.item_id,direction:e.direction,depth_limit:t,items:[b,..._],edges:f,total_count:_.length+1,..._.length>=Mr?{truncated:!0,truncation_message:`Results capped at ${Mr} items. Use a smaller depth or filter by relationship_types.`}:{}}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}E(Wr,{traceHandler:()=>Vr});var Fr=I({"src/tools/trace.ts"(){Se(),Dt(),xt(),Mr=200,qr=["parent","verifies"],$r=["child","verified_by"],Nr={parent:"child",child:"parent",verifies:"verified_by",verified_by:"verifies",related:"related"}}}),Br={};async function Jr(e){try{let t=(await fe()).from("assets").select("id, name, archived_at, created_at").eq("project_id",e.project_id).order("name");e.include_archived||(t=t.is("archived_at",null));const{data:r,error:i}=await t;if(i)throw new Error(i.message);return wt(nt({assets:r||[],total:(r||[]).length}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}E(Br,{listAssetsHandler:()=>Jr});var Qr=I({"src/tools/assets.ts"(){Se(),xt()}}),Gr={};async function Yr(e,t,r,i){if(r&&i)throw new Error("baseline_id and as_of are mutually exclusive");if(i)return i;if(!r)return null;const{data:n,error:a}=await e.from("baselines").select("project_id, snapshot_at, deleted_at").eq("id",r).maybeSingle();if(a)throw new Error(a.message);if(!n||n.project_id!==t||n.deleted_at)throw new Error("Baseline not found for this project");return n.snapshot_at}async function Kr(e,t,r){if(r){const{data:i,error:n}=await e.rpc("variables_at",{p_project_id:t,p_snapshot_at:r});if(n)throw new Error(n.message);return i??[]}const{data:i,error:n}=await e.from("project_variables").select("*").eq("project_id",t).order("name");if(n)throw new Error(n.message);return i??[]}async function Zr(e,t,r,i){const{data:n,error:a}=await e.rpc("save_variable_with_revision",{p_project_id:t.project_id,p_name:t.name,p_value:t.value,p_unit:t.unit??null,p_description:t.description??null,p_is_signal:t.is_signal??!1,p_range_min:t.range_min??null,p_range_max:t.range_max??null,p_rate_ms:t.rate_ms??null,p_user_id:r,p_event_source:i,p_variable_id:t.id??null});if(a)throw new Error(a.message);return n}async function Xr(e){try{const t=await fe(),r=await Yr(t,e.project_id,e.baseline_id,e.as_of),i=await Kr(t,e.project_id,r);return wt(nt({variables:i,total:i.length}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}async function ei(e){try{const t=await fe(),r=await Yr(t,e.project_id,e.baseline_id,e.as_of),i=(await Kr(t,e.project_id,r)).find(t=>t.name===e.variable_name)??null;if(!i)return vt(ot("Variable",e.variable_name));const{data:n}=await t.from("items").select("id, title, type").eq("project_id",e.project_id).is("deleted_at",null),a=`{${e.variable_name}}`,s=(n||[]).filter(e=>(e.data?.body||"").includes(a));return wt(nt({variable:i,referenced_by:s.map(e=>({id:e.id,title:e.title,type:e.type})),reference_count:s.length}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}async function ti(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return vt(dt("Viewer"));throw e}const i=await t.from("project_variables").select("*").eq("project_id",e.project_id).eq("name",e.variable_name).maybeSingle();if(!i.data)return vt(ot("Variable",e.variable_name));const n={updated_by:r,updated_at:(new Date).toISOString()};return void 0!==e.value&&(n.value=e.value),void 0!==e.unit&&(n.unit=e.unit||null),void 0!==e.description&&(n.description=e.description||null),wt(nt({variable:await Zr(t,{...i.data,...n,project_id:e.project_id,name:e.variable_name,value:n.value??i.data.value,unit:n.unit??i.data.unit,description:n.description??i.data.description},r,"mcp")}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}async function ri(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return vt(dt("Viewer"));throw e}const i=/^[a-zA-Z_][a-zA-Z0-9_]*$/;if(e.variables&&Array.isArray(e.variables)){const n=e.variables.filter(e=>!i.test(e.name));if(n.length>0)return vt(ct(`Invalid variable name(s): ${n.map(e=>e.name).join(", ")}. Use letters, digits, underscores; must start with letter or underscore.`));const a=e.variables.map(e=>e.name),s=a.filter((e,t)=>a.indexOf(e)!==t);if(s.length>0)return vt(ct(`Duplicate names in batch: ${[...new Set(s)].join(", ")}`));const{data:o}=await t.from("project_variables").select("name").eq("project_id",e.project_id).in("name",a),d=(o??[]).map(e=>e.name);if(d.length>0)return vt(ct(`Variable(s) already exist: ${d.join(", ")}. Remove them from the batch or use atoms_update_variable to change values.`));const c=e.variables.map(t=>({project_id:e.project_id,name:t.name,value:t.value,unit:t.unit??null,description:t.description??null,created_by:r,updated_by:r})),l=await async function(e,t,r,i){const{data:n,error:a}=await e.rpc("bulk_save_variables_with_revisions",{p_project_id:t,p_variables:r,p_user_id:i,p_event_source:"mcp"});if(a)throw new Error(a.message);return n??[]}(t,e.project_id,c,r);return wt(nt({batch_id:crypto.randomUUID(),created:(l??[]).length,variables:!1===e.echo?(l??[]).map(e=>({name:e.name})):l??[],message:`${(l??[]).length} variable(s) created. Reference them as {name} in requirement bodies.`}))}if(!e.name||!e.value)return vt(ct("Provide either (name, value) for single variable or variables[] for batch."));if(!i.test(e.name))return vt(ct(`Variable name "${e.name}" is invalid. Use letters, digits, and underscores only; must start with a letter or underscore.`));const{data:n}=await t.from("project_variables").select("name").eq("project_id",e.project_id).eq("name",e.name).maybeSingle();if(n)return vt(ct(`Variable "${e.name}" already exists in this project.`));const a=await Zr(t,{project_id:e.project_id,name:e.name,value:e.value,unit:e.unit??null,description:e.description??null},r,"mcp");return!1===e.echo?wt(nt({name:e.name})):wt(nt({variable:a,message:`Variable "${e.name}" created. Reference it in requirement bodies as {${e.name}}.`}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}async function ii(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return vt(dt("Viewer"));throw e}const{data:i}=await t.from("project_variables").select("id").eq("project_id",e.project_id).eq("name",e.name).maybeSingle();if(!i)return vt(ot("Variable",e.name));const{data:n}=await t.from("items").select("id").eq("project_id",e.project_id).is("deleted_at",null).filter("data->>body","ilike",`%{${e.name}}%`),a=(n??[]).length;if(a>0&&!e.force)return vt(ct(`Variable "${e.name}" is referenced in ${a} item${a>1?"s":""}. Use force=true to delete anyway, or remove all {${e.name}} references first.`));if(_r("atoms_delete_variable")){const t={tool:"atoms_delete_variable",project_id:e.project_id,target:e.name};if(!e.confirmation_token){const r=fr(t);return wt(nt({status:"confirmation_required",preview:{variable_name:e.name,referenced_by_items:a,would_orphan_references:a>0},confirmation_token:r.token,expires_at:r.expires_at,expires_in_seconds:r.expires_in_seconds,message:`Re-call atoms_delete_variable with the same project_id, name, and confirmation_token within ${r.expires_in_seconds}s to execute.`}))}const r=hr(e.confirmation_token,t);if(!r.valid)return vt(ct(`confirmation_token rejected: ${r.reason}`))}const s=await async function(e,t,r,i){const{data:n,error:a}=await e.rpc("delete_variable_with_revision",{p_project_id:t,p_variable_id:r,p_user_id:i,p_event_source:"mcp"});if(a)throw new Error(a.message);return Boolean(n)}(t,e.project_id,i.id,r);return s?wt(nt({deleted:!0,name:e.name,referenced_by_items:a,warning:a>0?`${a} item${a>1?"s":""} still contain {${e.name}} — those references are now unresolved.`:void 0})):vt(ot("Variable",e.name))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}E(Gr,{createVariableHandler:()=>ri,deleteVariableHandler:()=>ii,getVariableHandler:()=>ei,listVariablesHandler:()=>Xr,updateVariableHandler:()=>ti});var ni=I({"src/tools/variables.ts"(){Se(),wr(),xt()}}),ai={};async function si(e,t){const{data:r}=await e.from("metadata").select("domains, levels").eq("project_id",t).maybeSingle();return{domains:r?.domains??[],levels:r?.levels??[]}}async function oi(e,t,r,i){const{error:n}=await e.from("metadata").upsert({project_id:t,domains:r,levels:i},{onConflict:"project_id"});if(n)throw new Error(n.message)}async function di(e){try{const t=await fe(),{domains:r}=await si(t,e.project_id),{counts:i,orphans:n}=await async function(e,t,r){const{data:i}=await e.from("items").select("data").eq("project_id",t).is("deleted_at",null),n={};for(const e of r)n[e]=0;const a={};for(const e of i??[]){const t=e.data?.tags?.domains??[];for(const e of t)a[e]=(a[e]??0)+1,e in n&&n[e]++}const s=new Set(r),o={};for(const[e,t]of Object.entries(a))s.has(e)||(o[e]=t);return{counts:n,orphans:o}}(t,e.project_id,r),a=r.map(e=>({name:e,registered:!0,item_count:i[e]??0})),s=Object.entries(n).map(([e,t])=>({name:e,registered:!1,item_count:t})).sort((e,t)=>e.name.localeCompare(t.name)),o=[...a,...s];return wt(nt({domains:o,total:o.length,registered_count:a.length,unregistered_count:s.length,note:s.length>0?`${s.length} unregistered tag(s) found on items. Use atoms_create_domain to register them, or atoms_update_item to remove them.`:void 0}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}async function ci(e){try{const t=await fe();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return vt(dt("Viewer"));throw e}const{domains:r,levels:i}=await si(t,e.project_id),n=e.name.trim().toLowerCase();return n?r.includes(n)?vt(ct(`Domain "${n}" already exists in this project.`)):(await oi(t,e.project_id,[...r,n],i),wt(nt({domain:{name:n},message:`Domain "${n}" registered. You can now tag items with domains=["${n}"].`}))):vt(ct("Domain name cannot be empty."))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}async function li(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return vt(dt("Viewer"));throw e}const{domains:i,levels:n}=await si(t,e.project_id),a=e.name.trim().toLowerCase(),s=e.new_name.trim().toLowerCase();if(!s)return vt(ct("new_name cannot be empty."));const o=i.includes(a);if(!o){const{data:r}=await t.from("items").select("id").eq("project_id",e.project_id).is("deleted_at",null).filter("data->tags->domains","cs",JSON.stringify([a])).limit(1);if(!r||0===r.length)return vt(ot("Domain",a))}if(s!==a&&i.includes(s))return vt(ct(`Domain "${s}" already exists. Choose a different name.`));const{data:d,error:c}=await t.from("items").select("id, data").eq("project_id",e.project_id).is("deleted_at",null).filter("data->tags->domains","cs",JSON.stringify([a]));if(c)throw new Error(c.message);const l=(d??[]).length;if(e.dry_run)return wt(nt({dry_run:!0,rename:{from:a,to:s},items_affected:l,message:`Dry run: renaming "${a}" → "${s}" would update ${l} item${1!==l?"s":""}. Call again with dry_run=false to apply.`}));let m;m=o?i.map(e=>e===a?s:e):i.includes(s)?i:[...i,s],await oi(t,e.project_id,m,n);const{error:p}=await t.rpc("apply_domain_change",{p_project_id:e.project_id,p_old_domain:a,p_new_domain:s,p_user_id:r,p_event_source:"mcp"});if(p)throw new Error(p.message);return wt(nt({domain:{name:s},renamed_from:a,items_updated:l,message:`Domain renamed "${a}" → "${s}". ${l} item${1!==l?"s":""} updated.`}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}async function mi(e){try{const t=await fe(),r=be();try{await ve(t,e.project_id)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message)return vt(dt("Viewer"));throw e}const{domains:i,levels:n}=await si(t,e.project_id),a=e.name.trim().toLowerCase(),s=i.includes(a),{data:o,error:d}=await t.from("items").select("id, data").eq("project_id",e.project_id).is("deleted_at",null).filter("data->tags->domains","cs",JSON.stringify([a]));if(d)throw new Error(d.message);const c=(o??[]).length;if(!s&&0===c)return vt(ot("Domain",a));if(c>0&&!e.force)return vt(ct(`Domain "${a}" is used by ${c} item${c>1?"s":""}. Use force=true to delete and strip the domain from all items, or re-tag them first.`));if(_r("atoms_delete_domain")){const t={tool:"atoms_delete_domain",project_id:e.project_id,target:a};if(!e.confirmation_token){const e=fr(t);return wt(nt({status:"confirmation_required",preview:{domain_name:a,items_using_count:c,would_strip_from_items:c>0},confirmation_token:e.token,expires_at:e.expires_at,expires_in_seconds:e.expires_in_seconds,message:`Re-call atoms_delete_domain with the same project_id, name, and confirmation_token within ${e.expires_in_seconds}s to execute.`}))}const r=hr(e.confirmation_token,t);if(!r.valid)return vt(ct(`confirmation_token rejected: ${r.reason}`))}const l=s?i.filter(e=>e!==a):i;if(await oi(t,e.project_id,l,n),c>0){const{error:i}=await t.rpc("apply_domain_change",{p_project_id:e.project_id,p_old_domain:a,p_new_domain:null,p_user_id:r,p_event_source:"mcp"});if(i)throw new Error(i.message)}return wt(nt({deleted:!0,name:a,items_updated:c,message:c>0?`Domain "${a}" deleted and stripped from ${c} item${c>1?"s":""}.`:`Domain "${a}" deleted.`}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}E(ai,{createDomainHandler:()=>ci,deleteDomainHandler:()=>mi,listDomainsHandler:()=>di,updateDomainHandler:()=>li});var pi=I({"src/tools/domains.ts"(){Se(),wr(),xt()}}),ui={};async function _i(e){try{const t=await fe(),{data:r,error:i}=await t.from("projects").select("id, name").eq("id",e.project_id).is("deleted_at",null).maybeSingle(),n=r?.name??null,a=i?.message??null,{data:s,error:o}=await t.from("items").select("id, type, data").eq("project_id",e.project_id).is("deleted_at",null);if(o)throw new Error(o.message);const d=s??[];if(!n&&0===d.length){if(a)throw new Error(a);return vt(ot("Project",e.project_id))}const c={requirements:0,test_cases:0,notes:0},l=[],m=[];for(const e of d)if("requirement"===e.type){c.requirements++;const t=e.data?.tags?.domains??[];m.push({id:e.id,domains:t})}else"test-case"===e.type?(c.test_cases++,l.push(e.id)):"note"===e.type&&c.notes++;const p={passed:0,failed:0,blocked:0,not_run:0};if(l.length>0){const{data:r,error:i}=await t.from("test_results").select("item_id, result, run_at").eq("project_id",e.project_id).order("run_at",{ascending:!1});if(i)throw new Error(i.message);const n=new Map;for(const e of r??[])n.has(e.item_id)||n.set(e.item_id,e.result);for(const e of l){const t=n.get(e);t&&"not-run"!==t?"passed"===t?p.passed++:"failed"===t?p.failed++:"blocked"===t?p.blocked++:p.not_run++:p.not_run++}}const{data:u,error:_}=await t.from("item_relationships").select("from_id, to_id, type").eq("project_id",e.project_id);if(_)throw new Error(_.message);const f=zt(s??[],u??[]),h=new Set;for(const e of f)"verifies"===e.type?h.add(e.to_id):"verified_by"===e.type&&h.add(e.from_id);const g=m.filter(e=>h.has(e.id)).length,y=m.length,b={covered:g,uncovered:y-g,total:y,percent:y>0?Math.round(g/y*1e3)/10:100},w=new Map;for(const e of m){const t=e.domains.length>0?e.domains:["(untagged)"],r=h.has(e.id);for(const e of t){w.has(e)||w.set(e,{covered:0,total:0});const t=w.get(e);t.total++,r&&t.covered++}}const v=Array.from(w.entries()).sort((e,t)=>e[0].localeCompare(t[0])).map(([e,t])=>({domain:e,covered:t.covered,total:t.total,percent:t.total>0?Math.round(t.covered/t.total*1e3)/10:100})),j=new Date;j.setDate(j.getDate()-7);const{count:x,error:S}=await t.from("change_history").select("id",{count:"exact",head:!0}).eq("project_id",e.project_id).gte("changed_at",j.toISOString());if(S)throw new Error(S.message);return wt(nt({project_id:e.project_id,project_name:n??`Project ${e.project_id.slice(0,8)}`,counts:c,test_status:p,coverage:b,coverage_by_domain:v,recent_changes:x??0,last_updated:(new Date).toISOString()}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}E(ui,{projectSummaryHandler:()=>_i});var fi,hi=I({"src/tools/project-summary.ts"(){Se(),Dt(),xt()}}),gi={};async function yi(e){try{const t=await fe();let r,i;if(e.query&&e.query.trim().length>0){const n=await At(t,e.project_id,e.query,{type:e.type,limit:e.limit});r=n.items.map(e=>({id:e.id,title:e.title,type:e.type,status:e.data?.status,domains:e.data?.tags?.domains??[],level:e.data?.tags?.level})),i=n.totalCount}else{const n=await kt(t,e.project_id,{type:e.type,domain:e.domain,level:e.level,limit:e.limit,offset:e.offset});r=n.items.map(e=>({id:e.id,title:e.title,type:e.type,status:e.data?.status,domains:e.data?.tags?.domains??[],level:e.data?.tags?.level})),i=n.totalCount}const n=await async function(e,t){const{data:r,error:i}=await e.from("items").select("data").eq("project_id",t).is("deleted_at",null);if(i)throw new Error(i.message);const n=new Set,a=new Set;for(const e of r??[]){const t=e.data?.tags;if(t){const e=t.domains;if(e)for(const t of e)n.add(t);const r=t.level;r&&a.add(r)}}return{domains:[...n].sort(),levels:[...a].sort()}}(t,e.project_id);return wt(nt({items:r,filters:{domains:n.domains,levels:n.levels,types:fi},project_id:e.project_id},at(i,e.limit,e.offset)))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}E(gi,{browseHandler:()=>yi});var bi,wi,vi,ji,xi=I({"src/tools/browse.ts"(){Se(),Dt(),xt(),fi=["requirement","test-case","note","table"]}}),Si={};async function ki(e){try{const t=e.direction??"downstream",r=null!=e.depth?Math.min(Math.max(e.depth,1),20):null,i=await fe(),n=await It(i,e.project_id,e.item_id);if(!n)return vt(ot("Item",e.item_id));const{data:a,error:s}=await i.from("item_relationships").select("from_id, to_id, type").eq("project_id",e.project_id);if(s)throw new Error(s.message);const{data:o,error:d}=await i.from("items").select("id, title, type").eq("project_id",e.project_id).is("deleted_at",null);if(d)throw new Error(d.message);const c=new Map;for(const e of o??[])c.set(e.id,{title:e.title,type:e.type});const l=new Map,m=(e,t,r)=>{l.has(e)||l.set(e,[]),l.get(e).push({neighbor:t,relType:r})};for(const e of a??[]){const r=e.type;"upstream"!==t&&"both"!==t||(wi.includes(r)&&m(e.from_id,e.to_id,r),vi.includes(r)&&m(e.to_id,e.from_id,ji[r]??r)),"downstream"!==t&&"both"!==t||(vi.includes(r)&&m(e.from_id,e.to_id,r),wi.includes(r)&&m(e.to_id,e.from_id,ji[r]??r)),"related"===r&&(m(e.from_id,e.to_id,"related"),m(e.to_id,e.from_id,"related"))}const p=new Set;p.add(e.item_id);const u=[];let _=0;const f=[];for(const t of l.get(e.item_id)??[])f.push({id:t.neighbor,depth:1,path:[{from_id:e.item_id,to_id:t.neighbor,relationship_type:t.relType}]});for(;f.length>0&&u.length<bi;){const{id:e,depth:t,path:i}=f.shift();if(p.has(e))continue;if(null!==r&&t>r)continue;p.add(e);const n=c.get(e);if(n&&(u.push({item_id:e,title:bt(n.title),type:n.type,depth:t,relationship_path:i}),t>_&&(_=t),null===r||t<r))for(const r of l.get(e)??[])p.has(r.neighbor)||f.push({id:r.neighbor,depth:t+1,path:[...i,{from_id:e,to_id:r.neighbor,relationship_type:r.relType}]})}let h=0;if(e.include_variable_refs){const{data:t}=await i.from("variable_references").select("variable_id").eq("item_id",e.item_id).eq("project_id",e.project_id),r=[...new Set((t??[]).map(e=>e.variable_id))];if(r.length>0){const{data:t}=await i.from("project_variables").select("id, name").in("id",r),n=new Map((t??[]).map(e=>[e.id,e.name])),{data:a}=await i.from("variable_references").select("variable_id, item_id").in("variable_id",r).eq("project_id",e.project_id).neq("item_id",e.item_id);for(const t of a??[]){const r=t.item_id;if(p.has(r))continue;if(u.length>=bi)break;p.add(r);const i=c.get(r);if(!i)continue;const a=n.get(t.variable_id)??t.variable_id;u.push({item_id:r,title:bt(i.title),type:i.type,depth:1,relationship_path:[{from_id:e.item_id,to_id:r,relationship_type:`variable_ref:${a}`}]}),h++}}}const g={};for(const e of u)g[e.type]=(g[e.type]??0)+1;const y=c.get(e.item_id);return wt(nt({root:{item_id:e.item_id,title:bt(y?.title??n.title),type:y?.type??n.type},impacted_items:u,summary:{total_impacted:u.length,by_type:g,max_depth_reached:_,...h>0?{variable_impact_count:h}:{},...u.length>=bi?{truncated:!0}:{}}}))}catch(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):vt(yt(e instanceof Error?e.message:String(e)))}}E(Si,{impactAnalysisHandler:()=>ki});var Ii=I({"src/tools/impact-analysis.ts"(){Se(),Dt(),xt(),bi=200,wi=["parent","verifies","traces_to","allocated_from","decomposed_from"],vi=["child","verified_by","allocated_to","decomposes_to","traced_by"],ji={parent:"child",child:"parent",verifies:"verified_by",verified_by:"verifies",related:"related",traces_to:"traced_by",traced_by:"traces_to",allocated_to:"allocated_from",allocated_from:"allocated_to",decomposes_to:"decomposed_from",decomposed_from:"decomposes_to"}}}),Ei={};function Oi(e){return e instanceof Error&&e.message.includes("Not authenticated")?vt(lt()):null}async function Ti(e,t,r,i){if(await async function(e,t,r,i){const{error:n}=await e.from("item_relationships").delete().eq("project_id",t).eq("from_id",r);if(n)throw new Error(n.message);const a=function(e,t,r){const i=r.relationships??{},n=[],a=(r,i)=>{if(Array.isArray(r))for(const a of r)"string"==typeof a&&a.length>0&&a!==t&&n.push({from_id:t,to_id:a,type:i,project_id:e})};return a(i.parents,"parent"),a(i.children,"child"),a(i.related,"related"),a(i.verified_by,"verified_by"),a(i.verifies,"verifies"),n}(t,r,i);if(0===a.length)return;const s=Array.from(new Set(a.map(e=>e.to_id))),{data:o,error:d}=await e.from("items").select("id").eq("project_id",t).is("deleted_at",null).in("id",s);if(d)throw new Error(d.message);const c=new Set((o??[]).map(e=>e.id)),l=a.filter(e=>c.has(e.to_id));if(0===l.length)return;const{error:m}=await e.from("item_relationships").insert(l);if(m)throw new Error(m.message)}(e,t,r.id,r.data),"test-case"===r.type){const{error:n}=await e.rpc("sync_test_results_for_item",{p_project_id:t,p_item_id:r.id,p_actor_user_id:i});if(n)throw new Error(n.message)}}async function Ui(e,t,r,i){await e.from("change_history").insert({item_id:r.id,project_id:t,changed_by:i,event_type:"restored",old_data:r.oldData,new_data:r.data,actor:Yi(),session_id:Gi()}).then(({error:e})=>{e&&process.stderr.write(`[atoms-mcp] Warning: change_history log failed: ${e.message}\n`)})}async function Ai(e,t,r){const{data:i,error:n}=await e.from("projects").select("org_id").eq("id",t).maybeSingle();if(n)return vt(yt(n.message));if(!i)return vt(ot("Project",t));const{data:a,error:s}=await e.from("organizations").select("feature_flags").eq("id",i.org_id).maybeSingle();return s?vt(yt(s.message)):!0!==(a?.feature_flags??{})[r]?vt(st(`Feature '${r}' is not enabled for this organization`,["Ask an org admin to enable the flag in Org Settings."])):null}async function zi(e){try{const t=await fe(),r=await async function(e,t){const{data:r,error:i}=await e.from("baselines").select("id, project_id, name, description, snapshot_at, created_at, created_by, locked_at, locked_by").eq("project_id",t).is("deleted_at",null).order("snapshot_at",{ascending:!1});if(i)throw new Error(`listBaselines: ${i.message}`);return r??[]}(t,e.project_id),i=Math.max(e.offset??0,0),n=Math.min(Math.max(e.limit??50,1),100);return wt(nt({baselines:r.slice(i,i+n).map(e=>({id:e.id,name:e.name,description:e.description,snapshot_at:e.snapshot_at,created_at:e.created_at,created_by:e.created_by,locked:null!==e.locked_at,locked_at:e.locked_at})),total:r.length,offset:i,limit:n}))}catch(e){return Oi(e)??vt(yt(e instanceof Error?e.message:String(e)))}}async function Hi(e){try{const t=await fe(),r=await Ai(t,e.project_id,"baselines_enabled");if(r)return r;const{data:i,error:n}=await t.from("baselines").insert({project_id:e.project_id,name:e.name.trim(),description:e.description??null,snapshot_at:(new Date).toISOString()}).select().single();return n?"23505"===n.code?vt(st(`Baseline name "${e.name}" already exists in this project`,["Pick a different name"])):vt(yt(n.message)):wt(nt({id:i.id,name:i.name,description:i.description,snapshot_at:i.snapshot_at,created_at:i.created_at,locked:!1}))}catch(e){return Oi(e)??vt(yt(e instanceof Error?e.message:String(e)))}}async function Di(e){try{const t=await fe(),r=await Ot(t,e.baseline_id);if(!r)return vt(ot("Baseline",e.baseline_id));const i=await Ai(t,r.project_id,"baselines_enabled");if(i)return i;if(null!==r.locked_at)return vt(st("Baseline is already locked",["Locks are one-way; nothing to do"]));const{data:n}=await t.from("projects").select("org_id").eq("id",r.project_id).maybeSingle();if(!n)return vt(ot("Project",r.project_id));const{data:a}=await t.auth.getUser(),s=a?.user?.id;if(!s)return vt(lt());const{data:o}=await t.from("org_members").select("role").eq("user_id",s).eq("org_id",n.org_id).maybeSingle();if(!o||"admin"!==o.role)return vt(st("Only admins can lock baselines",["Ask an org admin to lock this baseline"]));const{data:d,error:c}=await t.from("baselines").update({locked_at:(new Date).toISOString(),locked_by:s}).eq("id",e.baseline_id).select().single();return c?vt(yt(c.message)):wt(nt({id:d.id,locked_at:d.locked_at,locked_by:d.locked_by}))}catch(e){return Oi(e)??vt(yt(e instanceof Error?e.message:String(e)))}}async function Ri(e){try{const t=await fe(),[r,i]=await Promise.all([Ot(t,e.baseline_a_id),Ot(t,e.baseline_b_id)]);if(!r||!i)return vt(ot("Baseline","one of the baseline_ids"));if(r.project_id!==i.project_id)return vt(st("Both baselines must belong to the same project",["Verify both baseline_ids are from the same project_id"]));const[n,a]=await Promise.all([Ut(t,r.project_id,r.snapshot_at),Ut(t,i.project_id,i.snapshot_at)]),s=new Map(n.map(e=>[e.id,e])),o=new Map(a.map(e=>[e.id,e])),d=Array.from(new Set([...s.keys(),...o.keys()])).sort(),c=[];let l=0,m=0,p=0;for(const e of d){const t=s.get(e),r=o.get(e);if(!t&&r)l++,c.push({item_id:e,change_type:"added"});else if(t&&!r)m++,c.push({item_id:e,change_type:"removed"});else if(t&&r){const i=[];t.title!==r.title&&i.push("title"),t.type!==r.type&&i.push("type");JSON.stringify(t.data??{})!==JSON.stringify(r.data??{})&&i.push("data"),i.length>0&&(p++,c.push({item_id:e,change_type:"modified",fields_changed:i}))}}const u=Math.max(e.offset??0,0),_=Math.min(Math.max(e.limit??50,1),200),f=e.detail?c.slice(u,u+_):c.slice(u,u+_).map(({item_id:e,change_type:t,fields_changed:r})=>({item_id:e,change_type:t,fields_changed:r}));return wt(nt({summary:{added:l,removed:m,modified:p,total_compared:d.length},items:f,page_info:{offset:u,limit:_,total:c.length},baselines:{a:{id:r.id,name:r.name,snapshot_at:r.snapshot_at},b:{id:i.id,name:i.name,snapshot_at:i.snapshot_at}}}))}catch(e){return Oi(e)??vt(yt(e instanceof Error?e.message:String(e)))}}async function Ci(e){try{const t=await fe(),r=await Ot(t,e.baseline_id);if(!r)return vt(ot("Baseline",e.baseline_id));const i=await Ai(t,r.project_id,"baselines_enabled");if(i)return i;const{data:n}=await t.from("projects").select("org_id").eq("id",r.project_id).maybeSingle();if(!n)return vt(ot("Project",r.project_id));const{data:a}=await t.auth.getUser(),s=a?.user?.id;if(!s)return vt(lt());const{data:o}=await t.from("org_members").select("role").eq("user_id",s).eq("org_id",n.org_id).maybeSingle();if(!o||"admin"!==o.role)return vt(st("Only admins can restore from a baseline",["Ask an org admin to run the restore"]));const d=await Ut(t,r.project_id,r.snapshot_at),c=d.map(e=>e.id),{data:l,error:m}=c.length>0?await t.from("items").select("*").eq("project_id",r.project_id).in("id",c):{data:[],error:null};if(m)return vt(yt(m.message));const p=function(e,t){const r=new Map(t.map(e=>[e.id,e]));return e.flatMap(e=>{const t=r.get(e.id),i=[];var n,a;return t?(null!==t.deleted_at&&i.push("deleted_at"),t.type!==e.type&&i.push("type"),t.title!==e.title&&i.push("title"),n=t.data,a=e.data,JSON.stringify(n??{})!==JSON.stringify(a??{})&&i.push("data")):i.push("missing"),0===i.length?[]:[{id:e.id,type:e.type,title:e.title,data:e.data??{},diff_summary:{changed_fields:i,restored:!0},oldData:t?.data??null}]})}(d,l??[]),{data:u,error:_}=await t.rpc("variables_at",{p_project_id:r.project_id,p_snapshot_at:r.snapshot_at});if(_)return vt(yt(_.message));const f=u??[];if(!0!==e.confirm)return wt(nt({preview:!0,items_to_restore:p.length,variables_to_restore:f.length}));let h=0;if(p.length>0){const e=p.map(({oldData:e,...t})=>t),{data:i,error:n}=await t.rpc("bulk_save_items_with_revisions",{p_project_id:r.project_id,p_items:e,p_user_id:s,p_event_source:"restore"});if(n)return vt(yt(n.message));h="number"==typeof i?i:p.length;for(const e of p)await Ti(t,r.project_id,e,s),await Ui(t,r.project_id,e,s)}if(f.length>0){const{error:e}=await t.rpc("bulk_save_variables_with_revisions",{p_project_id:r.project_id,p_variables:f,p_user_id:s,p_event_source:"restore"});if(e)return vt(yt(e.message))}return wt(nt({ok:!0,items_restored:h,variables_restored:f.length}))}catch(e){return Oi(e)??vt(yt(e instanceof Error?e.message:String(e)))}}E(Ei,{createBaselineHandler:()=>Hi,diffBaselinesHandler:()=>Ri,listBaselinesHandler:()=>zi,lockBaselineHandler:()=>Di,restoreBaselineHandler:()=>Ci});var Pi,Mi,qi,$i,Ni,Li,Wi,Vi,Fi=I({"src/tools/baselines.ts"(){Se(),Zi(),xt(),Dt()}}),Bi={};function Ji(e){L(e.toolName)&&function(e,t){const r=`ui://${t.toolName}/${t.htmlFile}`,i=function(e,t){const r=s.fileURLToPath("undefined"==typeof document?require("url").pathToFileURL(__filename).href:p&&"SCRIPT"===p.tagName.toUpperCase()&&p.src||new URL("index.cjs",document.baseURI).href),i=j.default.dirname(r);return j.default.resolve(i,"apps","src","apps",e,t)}(t.appName,t.htmlFile),n=[...jt.resourceDomains,...t.extraResourceDomains??[]];d.registerAppTool(e,t.toolName,{title:t.title,description:t.description,inputSchema:t.inputSchema,annotations:t.annotations,_meta:{ui:{resourceUri:r}}},t.handler),d.registerAppResource(e,`${t.title} UI`,r,{mimeType:d.RESOURCE_MIME_TYPE},async()=>{const e=await v.default.readFile(i,"utf-8");return{contents:[{uri:r,mimeType:d.RESOURCE_MIME_TYPE,text:e,_meta:{ui:{csp:{resourceDomains:n}}}}]}})}($i,e)}function Qi(e,t){return async r=>{const i=U(M(),e);if(!i.allowed)return vt(st(`Tool ${e} is blocked by org policy.`,[z(i.reason),"Contact your org admin to adjust the MCP access policy."]));try{!function(e){const t=We();if(!t)return;if("object"!=typeof e||null===e)return;const r=e.project_id;if("string"==typeof r&&r!==t)throw new $e(t,r)}(r)}catch(e){if(e instanceof $e)return vt(pt(e.expectedProjectId));throw e}{const e=M(),t=r?.project_id;if(null!==e.project_scope&&"string"==typeof t&&!e.project_scope.includes(t))return vt(st("Tool call rejected: project_id is outside your org's MCP project scope.",[`Allowed projects: ${e.project_scope.length} project${1===e.project_scope.length?"":"s"} configured by your admin`,"Use atoms_list_projects to see which projects you can access in this session"]))}let n,a;try{a=await fe(),n=be()}catch{return t(r)}const s=await async function(e,t){const r=parseInt(process.env.ATOMS_RATE_LIMIT_RPM??"",10)||Ce,i=new Date,n=new Date(i.getTime()-Pe);try{const{count:a,error:s}=await t.from("mcp_rate_limits").select("id",{count:"exact",head:!0}).eq("user_id",e).gte("requested_at",n.toISOString());if(s)throw new Error(s.message);if((a??0)>=r){const{data:r,error:a}=await t.from("mcp_rate_limits").select("requested_at").eq("user_id",e).gte("requested_at",n.toISOString()).order("requested_at",{ascending:!0}).limit(1).maybeSingle();if(a)throw new Error(a.message);const s=(r?new Date(r.requested_at).getTime():i.getTime())+Pe-i.getTime();return{allowed:!1,retryAfterSeconds:Math.max(1,Math.ceil(s/1e3))}}t.from("mcp_rate_limits").insert({user_id:e,requested_at:i.toISOString()}).then(({error:e})=>{e&&process.stderr.write(`[rate-limiter] insert failed: ${e.message}\n`)});const o=new Date(i.getTime()-2*Pe);return t.from("mcp_rate_limits").delete().eq("user_id",e).lt("requested_at",o.toISOString()).then(()=>{}),{allowed:!0}}catch(e){return process.stderr.write(`[rate-limiter] DB check failed (${e instanceof Error?e.message:String(e)}), falling back to allow.\n`),{allowed:!0}}}(n,a);if(!s.allowed)return vt(ut(s.retryAfterSeconds));if("1"===process.env.ATOMS_MCP_LOCKDOWN||"true"===process.env.ATOMS_MCP_LOCKDOWN){const e=r?.project_id;if("string"==typeof e)try{const{requireWriteAccess:t}=await Promise.resolve().then(()=>(Se(),_e));await t(a,e)}catch(e){if(e instanceof Error&&"VIEWER_ROLE"===e.message){const{accessDeniedError:e}=await Promise.resolve().then(()=>(xt(),tt));return vt(e("Viewer (lockdown mode: read access requires editor or admin)"))}}}const o=function(){const e=performance.now();return()=>Math.round(performance.now()-e)}();let d,c="success";try{const e=await t(r),i=e;if(!0===i?.isError){c="error";const e=i?.content;if(e?.[0]?.text)try{d=JSON.parse(e[0].text).message}catch{}}return e}catch(e){throw c="error",d=e instanceof Error?e.message:String(e),e}finally{const t={tool_name:e,params:r,status:c,duration_ms:o(),error_msg:d,project_id:r.project_id,session_id:Li,client_name:Wi};try{!function(e,t,r){const i=Re(r.params);e.from("mcp_audit_log").insert({user_id:t,tool_name:r.tool_name,params:i,status:r.status,duration_ms:r.duration_ms,error_msg:r.error_msg??null,project_id:r.project_id??null,session_id:r.session_id??null,client_name:r.client_name??null}).then(({error:e})=>{e&&process.stderr.write(`[audit] Failed to log: ${e.message}\n`)})}(await fe(),n,t)}catch{}}}}function Gi(){return Li}function Yi(){return Vi}function Ki(){return Wi}E(Bi,{ATOMS_MCP_SERVER_VERSION:()=>qi,getMcpActor:()=>Yi,getMcpClientName:()=>Ki,getMcpSessionId:()=>Gi,server:()=>$i});var Zi=I({"src/server.ts"(){Ne(),Le(),F(),Fe(),q(),C(),Xe(),et(),Se(),xt(),St(),Pi=l.createRequire("undefined"==typeof document?require("url").pathToFileURL(__filename).href:p&&"SCRIPT"===p.tagName.toUpperCase()&&p.src||new URL("index.cjs",document.baseURI).href),Mi=Pi("../package.json"),qi=Mi.version,$i=new c.McpServer({name:"atoms-mcp-server",version:qi}),Ni=(e,t,r)=>{if(L(e))return $i.registerTool(e,t,r)},Li=a.randomUUID(),Wi=Be(process.env.ATOMS_CLIENT_NAME),Vi=function(){const e=Be(Wi);return"cursor"===e?"mcp_cursor":"copilot"===e?"mcp_copilot":"mcp_claude"}(),Ni("atoms_status",{title:"ATOMS MCP Health Check",description:'Check the health and authentication status of the ATOMS MCP server.\n\nCall this FIRST if other atoms tools fail or return auth errors.\nThis tool works WITHOUT authentication — it checks whether credentials\nexist and are valid, and tells the user exactly what to do if not.\n\nArgs: None\n\nReturns:\n { status: "authenticated"|"not_authenticated"|"expired", email, message, next_steps }\n\nExamples:\n - "Is ATOMS MCP working?" → atoms_status()\n - "Why are atoms tools failing?" → atoms_status()',inputSchema:{},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},async()=>{try{const{readCredentials:e,isTokenValid:t}=await Promise.resolve().then(()=>(re(),B)),r=await e();if(!r)return{content:[{type:"text",text:JSON.stringify({status:"not_authenticated",message:"No ATOMS credentials found. You need to login first.",next_steps:["1. Open a terminal on your machine","2. Run: npx @atoms-tech/atoms-mcp login","3. Complete the login in your browser","4. Restart Claude Desktop (quit and reopen)","5. Try your query again"]},null,2)}]};if(!t(r))try{const{getValidToken:e}=await Promise.resolve().then(()=>(ue(),ae)),{email:t}=await e(),{invalidateClient:r}=await Promise.resolve().then(()=>(Se(),_e));return r(),{content:[{type:"text",text:JSON.stringify({status:"authenticated",email:t,message:"Token was expired but has been refreshed. You're good to go!"},null,2)}]}}catch{return{content:[{type:"text",text:JSON.stringify({status:"expired",email:r.user_email??"unknown",message:"Your session has expired and could not be refreshed.",next_steps:["1. Open a terminal on your machine","2. Run: npx @atoms-tech/atoms-mcp logout","3. Run: npx @atoms-tech/atoms-mcp login","4. Complete the login in your browser","5. Restart Claude Desktop (quit and reopen)"]},null,2)}]}}return{content:[{type:"text",text:JSON.stringify({status:"authenticated",email:r.user_email??"unknown",message:"ATOMS MCP is connected and authenticated. All tools are ready."},null,2)}]}}catch(e){return{content:[{type:"text",text:JSON.stringify({status:"error",message:`Health check failed: ${e instanceof Error?e.message:String(e)}`,next_steps:["1. Open a terminal","2. Run: npx @atoms-tech/atoms-mcp login","3. Restart Claude Desktop"]},null,2)}]}}}),Ni("atoms_list_projects",{title:"List ATOMS Projects",description:'List all projects the authenticated user has access to.\n\nThis is the ENTRY POINT tool. Call this first to discover project IDs,\nthen use those IDs with all other tools.\n\nArgs: None\n\nReturns:\n { status: "success", data: [{ id, name, description, org_id, created_at }] }\n\nExamples:\n - "What projects do I have?" → atoms_list_projects()\n - "Show my projects" → atoms_list_projects()\n\nWorkflow:\n atoms_list_projects → atoms_list_items(project_id) → atoms_get_item(project_id, item_id)',inputSchema:{},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Qi("atoms_list_projects",async()=>{const{listProjectsHandler:e}=await Promise.resolve().then(()=>(Pt(),Rt));return e()})),Ni("atoms_list_items",{title:"List ATOMS Items",description:'List items in an ATOMS project with optional type/domain/level filters.\n\nThis is the primary ENTRY POINT for discovering items. Use it to browse\nproject contents before drilling into specific items with atoms_get_item.\n\nArgs:\n - project_id (string, UUID): The project to list items from\n - type (string, optional): Filter: requirement|test-case|note|table\n - domain (string, optional): Filter by domain tag\n - level (string, optional): Filter by level (System, Subsystem, Component)\n - limit (number, optional): Max results, 1-200 (default 50)\n - offset (number, optional): Pagination offset (default 0)\n\nReturns:\n { status: "success", data: [{ id, title, type, status, domains, level }], meta: { total_count, limit, offset, has_more } }\n\nExamples:\n - "Show me all requirements" → atoms_list_items(project_id, type="requirement")\n - "What test cases exist?" → atoms_list_items(project_id, type="test-case")\n\nErrors:\n - "Project not found" → verify project_id\n - "Access denied" → check org membership',inputSchema:{project_id:o.z.string().uuid("Must be a valid project UUID").describe("UUID of the project"),type:o.z.enum(["requirement","test-case","note","table"]).optional().describe("Filter by item type"),domain:o.z.string().max(64).optional().describe("Filter by domain tag (e.g., 'Safety', 'Performance')"),level:o.z.string().max(32).optional().describe("Filter by level (System, Subsystem, Component)"),limit:o.z.number().int().min(1).max(200).default(50).describe("Max results (default 50, max 200)"),offset:o.z.number().int().min(0).default(0).describe("Pagination offset (default 0)"),baseline_id:o.z.string().uuid().optional().describe("Optional baseline UUID. Returns items as they were at that baseline's moment. Mutually exclusive with as_of."),as_of:o.z.string().datetime().optional().describe("Optional ISO 8601 timestamp. Returns items as they were at that moment. Mutually exclusive with baseline_id.")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Qi("atoms_list_items",async e=>{const{listItemsHandler:t}=await Promise.resolve().then(()=>($t(),Mt));return t(e)})),Ni("atoms_get_item",{title:"Get ATOMS Item Details",description:'Get full details of a single item including relationships, test history, and ownership.\n\nUse after atoms_list_items or atoms_search to drill into a specific item.\n\nArgs:\n - project_id (string, UUID): The project containing the item\n - item_id (string): Item ID (e.g., "REQ-001", "TC-050")\n\nReturns:\n Full WorkItem with relationships, test runs, ownership, metadata.\n\nExamples:\n - "Show me requirement REQ-001" → atoms_get_item(project_id, "REQ-001")\n - "Get test case details" → atoms_get_item(project_id, "TC-050")',inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),item_id:o.z.string().min(1).max(20).describe("Item ID (e.g., REQ-001)"),baseline_id:o.z.string().uuid().optional().describe("Optional baseline UUID. Returns the item as it was at that baseline's moment. Mutually exclusive with as_of."),as_of:o.z.string().datetime().optional().describe("Optional ISO 8601 timestamp. Returns the item as it was at that moment. Mutually exclusive with baseline_id.")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Qi("atoms_get_item",async e=>{const{getItemHandler:t}=await Promise.resolve().then(()=>(Wt(),Nt));return t(e)})),Ni("atoms_search",{title:"Search ATOMS Items",description:'Full-text search across items in a project. Searches title, body, and summary.\n\nAlternative entry point to atoms_list_items when you know what you\'re looking for.\n\nArgs:\n - project_id (string, UUID): The project to search in\n - query (string): Search text (max 1000 chars)\n - type (string, optional): Filter by type\n - asset (string, optional): Filter to items with at least one run on the given asset\n (VIN, module, lot, ...). Case-sensitive exact match.\n - limit (number, optional): Max results, 1-100 (default 25)\n\nReturns:\n Matching items with @basic fields, ranked by relevance.\n\nExamples:\n - "Find braking requirements" → atoms_search(project_id, "braking system")\n - "Search for safety tests" → atoms_search(project_id, "safety", type="test-case")\n - "Tests that ran on this VIN" → atoms_search(project_id, "", asset="WEV...0005")',inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),query:o.z.string().min(1).max(1e3).describe("Search text"),type:o.z.enum(["requirement","test-case","note","table"]).optional().describe("Filter by item type"),asset:o.z.string().max(200).optional().describe("Filter to items with at least one run on this asset (case-sensitive exact)"),limit:o.z.number().int().min(1).max(100).default(25).describe("Max results (default 25, max 100)"),baseline_id:o.z.string().uuid().optional().describe("Optional baseline UUID. Searches within the project state at that baseline's moment.")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Qi("atoms_search",async e=>{const{searchHandler:t}=await Promise.resolve().then(()=>(Bt(),Vt));return t(e)})),Ni("atoms_semantic_search",{title:"Semantic Search ATOMS Items",description:'Meaning-based search across items using pgvector embeddings (GTE-small, 384d).\n\nUse when atoms_search (exact/substring) misses conceptually related items.\nBest for natural-language concept queries; atoms_search is better for exact phrases or IDs.\n\nArgs:\n - project_id (string, UUID): The project to search in\n - query (string): Natural-language concept query (max 1000 chars)\n - type (string, optional): Filter by type\n - limit (number, optional): Max results, 1-50 (default 10)\n\nReturns:\n Semantically similar items ranked by cosine similarity.\n\nExamples:\n - "Find braking-related requirements" → atoms_semantic_search(project_id, "braking deceleration stopping distance")\n - "Safety-related test cases" → atoms_semantic_search(project_id, "hazard risk mitigation safety", type="test-case")',inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),query:o.z.string().min(1).max(1e3).describe("Natural-language concept query"),type:o.z.enum(["requirement","test-case","note","table"]).optional().describe("Filter by item type"),limit:o.z.number().int().min(1).max(50).default(10).describe("Max results (default 10, max 50)")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Qi("atoms_semantic_search",async e=>{const{semanticSearchHandler:t}=await Promise.resolve().then(()=>(Gt(),Jt));return t(e)})),Ji({appName:"coverage",htmlFile:"coverage-app.html",toolName:"atoms_get_coverage",title:"Get Test Coverage Report",description:'Find requirements without linked test cases (coverage gaps).\n\nEssential for compliance reporting in safety-critical industries.\n\nIn MCP App hosts (Claude, ChatGPT), renders a visual coverage heatmap.\nFalls back to JSON for non-UI clients.\n\nArgs:\n - project_id (string, UUID): The project to analyze\n - domain (string, optional): Filter by domain\n - level (string, optional): Filter by level\n - baseline_id (string, UUID, optional): coverage at that baseline\'s moment\n - as_of (string ISO 8601, optional): coverage at that moment\n baseline_id and as_of are mutually exclusive.\n\nReturns:\n { covered, uncovered, total, coverage_percent, uncovered_items: [...] }\n\nExamples:\n - "What\'s our test coverage?" → atoms_get_coverage(project_id)\n - "Safety coverage gaps?" → atoms_get_coverage(project_id, domain="Safety")\n - "Coverage at PDR submission" → atoms_get_coverage(project_id, baseline_id="...")',inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),domain:o.z.string().max(64).optional().describe("Filter by domain tag"),level:o.z.string().max(32).optional().describe("Filter by level"),baseline_id:o.z.string().uuid().optional().describe("Compute coverage as of this baseline's snapshot moment"),as_of:o.z.string().datetime().optional().describe("Compute coverage as of this ISO 8601 moment")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1},handler:Qi("atoms_get_coverage",async e=>{const{getCoverageHandler:t}=await Promise.resolve().then(()=>(Zt(),Yt));return t(e)})}),Ni("atoms_get_history",{title:"Get Item Change History",description:"Audit trail for an item — who changed what, when, and whether it was human or AI.\n\nShows actor attribution (user vs mcp_<client>) and session grouping.\n\nArgs:\n - project_id (string, UUID): The project containing the item\n - item_id (string): Item ID\n - limit (number, optional): Max entries (default 20, max 100)\n\nReturns:\n Change entries with actor, session_id, event_type, changed_at, fields_changed.",inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),item_id:o.z.string().min(1).max(20).describe("Item ID"),limit:o.z.number().int().min(1).max(100).default(20).describe("Max entries (default 20)")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Qi("atoms_get_history",async e=>{const{getHistoryHandler:t}=await Promise.resolve().then(()=>(tr(),Xt));return t(e)})),Ji({appName:"mermaid",htmlFile:"mermaid-app.html",toolName:"atoms_export_mermaid",title:"Export Mermaid Diagram",description:"Generate a Mermaid diagram of the requirement/test hierarchy.\n\nOutput is paste-ready for markdown docs. Shows parent-child relationships\nand requirement-to-test-case verification links.\n\nIn MCP App hosts (Claude, ChatGPT), renders an interactive pan/zoom diagram.\nFalls back to Mermaid text for non-UI clients.\n\nArgs:\n - project_id (string, UUID): The project to visualize\n - root_item_id (string, optional): Start node (default: all roots)\n - depth (number, optional): Max depth (default 3, max 10)\n - include_tests (boolean, optional): Show test case links (default true)\n - baseline_id (string, UUID, optional): render the graph at that baseline's moment\n - as_of (string ISO 8601, optional): render the graph at that moment\n baseline_id and as_of are mutually exclusive.\n\nReturns:\n Mermaid graph string.",inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),root_item_id:o.z.string().max(20).optional().describe("Root item ID to start from"),depth:o.z.number().int().min(1).max(10).default(3).describe("Max depth"),include_tests:o.z.boolean().default(!0).describe("Include test case links"),baseline_id:o.z.string().uuid().optional().describe("Render the graph as of this baseline's snapshot moment"),as_of:o.z.string().datetime().optional().describe("Render the graph as of this ISO 8601 moment")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1},extraResourceDomains:["cdn.jsdelivr.net","mermaid.ink"],handler:Qi("atoms_export_mermaid",async e=>{const{exportMermaidHandler:t}=await Promise.resolve().then(()=>(ar(),rr));return t(e)})}),Ni("atoms_create_item",{title:"Create ATOMS Item",description:"Create a new requirement, test case, or note in a project.\n\nRequires editor or admin role. Changes are logged with AI actor attribution.\n\nArgs:\n - project_id (string, UUID): Target project\n - type (string): requirement|test-case|note\n - title (string): Item title (max 500 chars)\n - body (string, optional): Rich text body\n - summary (string, optional): Brief summary\n - domains (string[], optional): Domain tags\n - level (string, optional): System|Subsystem|Component\n - parent_ids (string[], optional): Parent item IDs to link\n\nReturns:\n Created item with generated ID (e.g., \"REQ-058\")\n\nSide effects:\n - Logs to change_history with actor='mcp_<client>'\n - Creates relationships if parent_ids provided",inputSchema:{project_id:o.z.string().uuid().describe("UUID of the target project"),type:o.z.enum(["requirement","test-case","note"]).describe("Item type"),title:o.z.string().min(1).max(500).describe("Item title"),body:o.z.string().max(5e4).optional().describe("Rich text body"),summary:o.z.string().max(2e3).optional().describe("Brief summary"),domains:o.z.array(o.z.string().max(64)).max(20).optional().describe("Domain tags"),level:o.z.string().max(32).optional().describe("System|Subsystem|Component"),parent_ids:o.z.array(o.z.string().max(20)).max(50).optional().describe("Parent item IDs to link"),echo:o.z.boolean().optional().describe("false → lean {id,type} response, saves ~580 tokens")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!1,openWorldHint:!1}},Qi("atoms_create_item",async e=>{const{createItemHandler:t}=await Promise.resolve().then(()=>(dr(),sr));return t(e)})),Ni("atoms_update_item",{title:"Update ATOMS Item",description:"Update an existing item's fields. Only provided fields are changed.\n\nRequires editor or admin role. Logs old/new data diff to change history.\n\nArgs:\n - project_id (string, UUID): Project containing the item\n - item_id (string): Item to update\n - title, body, summary, domains, level, status: Fields to update (all optional)\n - expected_updated_at (string, optional): Pass metadata.updated_at from atoms_get_item to reject stale writes\n\nReturns:\n Updated item.",inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),item_id:o.z.string().min(1).max(20).optional().describe("Item ID (single form)"),title:o.z.string().min(1).max(500).optional().describe("New title"),body:o.z.string().max(5e4).optional().describe("New body"),summary:o.z.string().max(2e3).optional().describe("New summary"),domains:o.z.array(o.z.string().max(64)).max(20).optional().describe("New domain tags"),level:o.z.string().max(32).optional().describe("New level"),status:o.z.enum(["passed","failed","blocked","not-run"]).optional().describe("Test case status"),expected_updated_at:Je.optional().describe("metadata.updated_at value from atoms_get_item; rejects stale writes"),echo:o.z.boolean().optional().describe("false → lean {id,updated_fields} response, saves ~580 tokens"),reason:o.z.string().max(500).optional().describe("Change rationale, persisted in audit history"),updates:o.z.array(o.z.object({item_id:o.z.string().min(1).max(20),title:o.z.string().min(1).max(500).optional(),body:o.z.string().max(5e4).optional(),summary:o.z.string().max(2e3).optional(),domains:o.z.array(o.z.string().max(64)).max(20).optional(),level:o.z.string().max(32).optional(),status:o.z.enum(["passed","failed","blocked","not-run"]).optional(),expected_updated_at:Je.optional()})).optional().describe("Array form: update many items in one call"),idempotency_key:o.z.string().max(128).optional().describe("Safe retry key (24h TTL)"),continue_on_error:o.z.boolean().optional().describe("Allow partial success (default false = atomic)")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Qi("atoms_update_item",async e=>{const{updateItemHandler:t}=await Promise.resolve().then(()=>(ur(),cr));return t(e)})),Ni("atoms_delete_item",{title:"Delete ATOMS Item",description:'Soft-delete an item (sets deleted_at, preserves for audit trail).\n\nRequires editor or admin role. The item is never truly removed.\n\nWhen ATOMS_MCP_REQUIRE_CONFIRMATION is set on the server, this tool uses a\ntwo-step flow: the first call returns a preview + confirmation_token; the\nsecond call (with the token) executes. Tokens expire in 60s and are bound\nto (tool, project_id, item_id).\n\nArgs:\n - project_id (string, UUID): Project containing the item\n - item_id (string): Item to delete\n - confirmation_token (string, optional): Token from a prior preview call\n\nReturns:\n Confirmation with deleted item summary, or { status: "confirmation_required",\n preview, confirmation_token } when the confirmation gate is active.',inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),item_id:o.z.string().min(1).max(20).describe("Item ID to soft-delete"),confirmation_token:o.z.string().max(500).optional().describe("Token from a prior preview call (only used when ATOMS_MCP_REQUIRE_CONFIRMATION is set)")},annotations:{readOnlyHint:!1,destructiveHint:!0,idempotentHint:!0,openWorldHint:!1}},Qi("atoms_delete_item",async e=>{const{deleteItemHandler:t}=await Promise.resolve().then(()=>(xr(),vr));return t(e)})),Ni("atoms_restore_item",{title:"Restore ATOMS Item",description:'Undo a soft-delete — restores an item that was previously deleted with atoms_delete_item.\n\nOnly works on items that have been soft-deleted (still in the database with deleted_at set).\nHas no effect if the item is not deleted. Logs the restoration to change_history.\n\nArgs:\n - project_id (string, UUID): Project containing the item\n - item_id (string): ID of the deleted item to restore\n\nReturns:\n Confirmation with the restored item\'s title and type.\n\nExamples:\n - "Restore the deleted requirement REQ-042" → atoms_restore_item(project_id, "REQ-042")',inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),item_id:o.z.string().max(256).describe("ID of the soft-deleted item to restore")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Qi("atoms_restore_item",async e=>{const{restoreItemHandler:t}=await Promise.resolve().then(()=>(Ir(),Sr));return t(e)})),Ni("atoms_link_items",{title:"Link ATOMS Items",description:"Add or remove relationships between items.\n\nSupports: parent, child, related, verifies, verified_by.\nUpdates both items' JSONB data and the shadow table.\n\nArgs:\n - project_id (string, UUID): Project containing both items\n - from_id (string): Source item\n - to_id (string): Target item\n - type (string): parent|child|related|verifies|verified_by\n - action (string): add|remove\n - expected_from_updated_at / expected_to_updated_at (string, optional): pass metadata.updated_at values from atoms_get_item to reject stale link commands\n\nReturns:\n Updated relationship state for both items.",inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),from_id:o.z.string().min(1).max(20).optional().describe("Source item ID (single form)"),to_id:o.z.string().min(1).max(20).optional().describe("Target item ID (single form)"),type:o.z.enum(["parent","child","related","verifies","verified_by"]).optional().describe("Relationship type"),action:o.z.enum(["add","remove"]).optional().describe("Add or remove"),expected_from_updated_at:Je.optional().describe("metadata.updated_at for from_id from atoms_get_item"),expected_to_updated_at:Je.optional().describe("metadata.updated_at for to_id from atoms_get_item"),echo:o.z.boolean().optional().describe("false → lean response"),reason:o.z.string().max(500).optional().describe("Change rationale, persisted in audit history"),operations:o.z.array(o.z.object({action:o.z.enum(["add","remove"]),from_id:o.z.string().min(1).max(20),to_id:o.z.string().min(1).max(20),type:o.z.enum(["parent","child","related","verifies","verified_by"]),expected_from_updated_at:Je.optional(),expected_to_updated_at:Je.optional()})).optional().describe("Array form: batch relationship ops. Always atomic with DAG cycle detection."),idempotency_key:o.z.string().max(128).optional().describe("Safe retry key (24h TTL)")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Qi("atoms_link_items",async e=>{const{linkItemsHandler:t}=await Promise.resolve().then(()=>(Tr(),Er));return t(e)})),Ji({appName:"import",htmlFile:"import-app.html",toolName:"atoms_bulk_import",title:"Bulk Import ATOMS Items",description:"Bulk create multiple items in a single tool call. Essential for AI agents\nthat generate 20+ requirements at once.\n\nChecks write access once, generates sequential IDs, batch inserts all items,\nand reports per-item errors without aborting the entire batch.\n\nIn MCP App hosts (Claude, ChatGPT), renders an interactive results table.\nFalls back to JSON for non-UI clients.\n\nArgs:\n - project_id (string, UUID): Target project\n - items (array): Up to 100 items to create, each with:\n - type (string): requirement|test-case|note\n - title (string): Item title (max 500 chars)\n - body (string, optional): Rich text body\n - summary (string, optional): Brief summary\n - domains (string[], optional): Domain tags\n - level (string, optional): System|Subsystem|Component\n - parent_id (string, optional): Parent item ID to link\n\nReturns:\n { created: number, items: [{ id, title, type }], errors: [] }\n\nLimits:\n - Maximum 100 items per call\n - If any item fails, others still succeed — errors reported separately\n\nSide effects:\n - Logs to change_history with actor='mcp_<client>' for each created item\n - Creates parent relationships for items with parent_id",inputSchema:{project_id:o.z.string().uuid().describe("UUID of the target project"),items:o.z.array(o.z.object({type:o.z.enum(["requirement","test-case","note"]).describe("Item type"),title:o.z.string().min(1).max(500).describe("Item title"),body:o.z.string().max(5e4).optional().describe("Rich text body"),summary:o.z.string().max(2e3).optional().describe("Brief summary"),domains:o.z.array(o.z.string().max(64)).max(20).optional().describe("Domain tags"),level:o.z.string().max(32).optional().describe("System|Subsystem|Component"),parent_id:o.z.string().max(20).optional().describe("Parent item ID to link")})).min(1).max(100).describe("Items to create (1-100)"),confirmation_token:o.z.string().max(500).optional().describe("Token from a prior preview call (only used when ATOMS_MCP_REQUIRE_CONFIRMATION is set)")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!1,openWorldHint:!1},handler:Qi("atoms_bulk_import",async e=>{const{bulkImportHandler:t}=await Promise.resolve().then(()=>(zr(),Ur));return t(e)})}),Ni("atoms_record_test_result",{title:"Record Test Result",description:"Record a pass/fail/blocked result for a test case.\n\nAppends to canonical items.data.runs and projects test_results from that\nhistory. Use atoms_get_item to see all results.\n\nArgs:\n - project_id (string, UUID): Project containing the test case\n - item_id (string): Test case ID (e.g., \"TC-001\")\n - result (string): passed|failed|blocked|not-run\n - note (string, optional): Reason or comment for this result\n - asset (string, optional): Asset identifier this run was executed against\n (VIN, module ID, lot number, serial number, etc). Max 200 chars.\n Auto-trimmed; empty/whitespace is treated as omitted. If the asset\n name does not yet exist in the project, it is auto-registered.\n\nReturns:\n Recorded result with timestamp. When asset is provided, also returns\n asset_id and asset_created.\n\nSide effects:\n - Appends to items.data.runs through save_item_with_revision\n - Projects public.test_results from items.data.runs\n - Inserts into assets table if asset name is new in this project\n - Logs to change_history with actor='mcp_<client>'",inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),item_id:o.z.string().min(1).max(20).describe("Test case ID (e.g., TC-001)"),result:o.z.enum(["passed","failed","blocked","not-run"]).describe("Test result"),note:o.z.string().max(1e3).optional().describe("Reason or comment for this result"),asset:o.z.string().max(200).optional().describe("Asset identifier this run was executed against (VIN, module ID, lot, etc). Auto-registered if new.")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!1,openWorldHint:!1}},Qi("atoms_record_test_result",async e=>{const{recordTestResultHandler:t}=await Promise.resolve().then(()=>(Rr(),Hr));return t(e)})),Ni("atoms_record_test_results",{title:"Record Test Results (bulk)",description:'Record many runs on one test case in a single atomic call.\n\nOptimized for multi-asset campaigns. Each entry can have its own asset and\nresult. Asset lookup-or-create happens per entry; new asset names are\nauto-registered. Runs are appended to canonical items.data.runs, then\ntest_results is projected from that history. The whole call is one DB\ntransaction; any entry failure rolls back the rest.\n\nUse the singular atoms_record_test_result for one-off runs.\n\nArgs:\n - project_id (string, UUID): Project containing the test case\n - item_id (string): Test case ID (e.g., "TC-001")\n - results (array, 1-100 entries): Each entry has:\n - asset (string, optional): Asset identifier (VIN, module ID, lot)\n - result (string, required): passed|failed|blocked|not-run\n - note (string, optional): Run note\n - date (string, optional): ISO 8601 datetime, default now()\n\nReturns:\n Per-entry outcomes with asset_id, asset_created, run_at, ok flags.\n\nSide effects:\n - Appends to items.data.runs through save_item_with_revision\n - Projects public.test_results from items.data.runs\n - Inserts new rows into assets for any asset name not already registered\n - Logs a single change_history entry summarizing the batch',inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),item_id:o.z.string().min(1).max(20).describe("Test case ID (e.g., TC-001)"),results:o.z.array(o.z.object({asset:o.z.string().max(200).optional().describe("Asset identifier this run was executed against. Auto-registered if new."),result:o.z.enum(["passed","failed","blocked","not-run"]).describe("Test result"),note:o.z.string().max(500).optional().describe("Run note"),date:o.z.string().optional().describe("ISO 8601 datetime (default: now())")})).min(1).max(100).describe("1 to 100 result entries on this test case")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!1,openWorldHint:!1}},Qi("atoms_record_test_results",async e=>{const{recordTestResultsBulkHandler:t}=await Promise.resolve().then(()=>(Lr(),Cr));return t(e)})),Ji({appName:"trace",htmlFile:"trace-app.html",toolName:"atoms_trace",title:"Trace Item Relationships",description:'Walk the traceability graph from a starting item.\n\nAnswers questions like "which requirements does TC-003 verify?" or\n"if I change REQ-001, what\'s affected downstream?"\n\nIn MCP App hosts (Claude, ChatGPT), renders an interactive graph visualization.\nFalls back to flat list for non-UI clients.\n\nArgs:\n - project_id (string, UUID): Project containing the item\n - item_id (string): Starting item ID\n - direction (string): upstream|downstream|both\n - upstream: follow parent/verifies links (dependencies)\n - downstream: follow child/verified_by links (dependents)\n - both: trace in both directions\n - depth (number, optional): Max traversal depth (default 5, max 10)\n - relationship_types (string[], optional): Filter to specific types (parent, child, related, verifies, verified_by)\n\nReturns:\n { root, direction, items: [{ id, title, type, relationship, depth }], total_count }\n\nExamples:\n - "What does TC-003 verify?" → atoms_trace(project_id, "TC-003", "upstream")\n - "What\'s affected by REQ-001?" → atoms_trace(project_id, "REQ-001", "downstream")',inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),item_id:o.z.string().min(1).max(20).describe("Starting item ID"),direction:o.z.enum(["upstream","downstream","both"]).describe("Traversal direction"),depth:o.z.number().int().min(1).max(10).default(5).describe("Max traversal depth (default 5)"),relationship_types:o.z.array(o.z.enum(["parent","child","related","verifies","verified_by"])).optional().describe("Filter to specific relationship types")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1},handler:Qi("atoms_trace",async e=>{const{traceHandler:t}=await Promise.resolve().then(()=>(Fr(),Wr));return t(e)})}),Ni("atoms_list_assets",{title:"List Project Assets",description:"List asset identifiers registered in a project.\n\nAssets are free-form per-instance IDs (VINs, module names, lot numbers,\nserial numbers) that test runs are tagged against. They are auto-registered\nthe first time they appear on a run via atoms_record_test_result.\n\nArgs:\n - project_id (string, UUID): Project to list assets for\n - include_archived (boolean, optional): Include archived assets (default false)\n\nReturns:\n { assets: [{ id, name, archived_at, created_at }], total }",inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),include_archived:o.z.boolean().optional().describe("Include archived assets (default false)")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Qi("atoms_list_assets",async e=>{const{listAssetsHandler:t}=await Promise.resolve().then(()=>(Qr(),Br));return t(e)})),Ni("atoms_list_variables",{title:"List Project Variables",description:"List all parameterized variables defined in a project.\n\nVariables are shared values (e.g., backup_camera_latency = 2s) that can be\nreferenced in requirement bodies as {variable_name}.\n\nArgs:\n - project_id (string, UUID): Project to list variables for\n - baseline_id (string, UUID, optional): list variables as they were at that baseline\n - as_of (string ISO 8601, optional): list variables as they were at that moment\n\nReturns:\n { variables: [{ id, name, value, unit, description }], total }",inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),baseline_id:o.z.string().uuid().optional().describe("Optional baseline UUID for time-travel reads"),as_of:o.z.string().datetime().optional().describe("Optional ISO timestamp for time-travel reads")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Qi("atoms_list_variables",async e=>{const{listVariablesHandler:t}=await Promise.resolve().then(()=>(ni(),Gr));return t(e)})),Ni("atoms_get_variable",{title:"Get Project Variable",description:'Get a specific variable by name, including which items reference it.\n\nArgs:\n - project_id (string, UUID): Project containing the variable\n - variable_name (string): Variable name (e.g., "backup_camera_latency")\n - baseline_id (string, UUID, optional): get the variable as it was at that baseline\n - as_of (string ISO 8601, optional): get the variable as it was at that moment\n\nReturns:\n { variable, referenced_by: [{ id, title, type }], reference_count }',inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),variable_name:o.z.string().min(1).max(64).describe("Variable name"),baseline_id:o.z.string().uuid().optional().describe("Optional baseline UUID for time-travel reads"),as_of:o.z.string().datetime().optional().describe("Optional ISO timestamp for time-travel reads")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Qi("atoms_get_variable",async e=>{const{getVariableHandler:t}=await Promise.resolve().then(()=>(ni(),Gr));return t(e)})),Ni("atoms_update_variable",{title:"Update Project Variable",description:"Update a variable's value, unit, or description.\n\nArgs:\n - project_id (string, UUID): Project containing the variable\n - variable_name (string): Variable name\n - value (string, optional): New value\n - unit (string, optional): Unit abbreviation (e.g., 's', 'Hz')\n - description (string, optional): Human-readable description\n\nReturns:\n { variable }",inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),variable_name:o.z.string().min(1).max(64).describe("Variable name"),value:o.z.string().max(500).optional().describe("New value"),unit:o.z.string().max(32).optional().describe("Unit abbreviation"),description:o.z.string().max(2e3).optional().describe("Description")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Qi("atoms_update_variable",async e=>{const{updateVariableHandler:t}=await Promise.resolve().then(()=>(ni(),Gr));return t(e)})),Ni("atoms_create_variable",{title:"Create Project Variable",description:'Create one or many parameterized variables for a project.\n\nSingle form: provide name + value.\nArray form: provide variables[] for bulk creation (one atomic INSERT).\n\nVariables can then be embedded in requirement bodies as {variable_name}.\n\nArgs (single form):\n - project_id (string, UUID): Project to add the variable to\n - name (string): Variable name, letters, digits, underscores; must start with letter/underscore\n - value (string): Initial value (e.g., "100", "true", "nominal")\n - unit (string, optional): Unit abbreviation (e.g., "Hz", "ms", "m/s²")\n - description (string, optional): Human-readable description\n - echo (bool, optional): false → lean {name} response (default true)\n\nArgs (array form):\n - project_id (string, UUID): Project UUID\n - variables[]: Array of { name, value, unit?, description? }\n - echo (bool, optional): false → lean {name} list (default true)\n - idempotency_key (string, optional): Dedup key\n\nReturns (single): { variable, message }\nReturns (array): { batch_id, created, variables, message }',inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),name:o.z.string().min(1).max(64).optional().describe("Variable name (single form)"),value:o.z.string().min(1).max(500).optional().describe("Initial value (single form)"),unit:o.z.string().max(32).optional().describe("Unit abbreviation"),description:o.z.string().max(2e3).optional().describe("Description"),echo:o.z.boolean().optional().describe("false → lean response (default true)"),variables:o.z.array(o.z.object({name:o.z.string().min(1).max(64).describe("Variable name"),value:o.z.string().min(1).max(500).describe("Initial value"),unit:o.z.string().max(32).optional().describe("Unit abbreviation"),description:o.z.string().max(2e3).optional().describe("Description")})).optional().describe("Array form: batch variable creation. Atomic — all or none."),idempotency_key:o.z.string().max(128).optional().describe("Dedup key for retries")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!1,openWorldHint:!1}},Qi("atoms_create_variable",async e=>{const{createVariableHandler:t}=await Promise.resolve().then(()=>(ni(),Gr));return t(e)})),Ni("atoms_delete_variable",{title:"Delete Project Variable",description:"Delete a project variable. Refuses by default if any items reference it.\n\nArgs:\n - project_id (string, UUID): Project containing the variable\n - name (string): Variable name to delete\n - force (bool, optional): Delete even if items still reference it (default false)\n\nReturns:\n { deleted, name, referenced_by_items, warning? }",inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),name:o.z.string().min(1).max(64).describe("Variable name to delete"),force:o.z.boolean().optional().describe("Delete even if items reference it (default false)"),confirmation_token:o.z.string().max(500).optional().describe("Token from a prior preview call (only used when ATOMS_MCP_REQUIRE_CONFIRMATION is set)")},annotations:{readOnlyHint:!1,destructiveHint:!0,idempotentHint:!1,openWorldHint:!1}},Qi("atoms_delete_variable",async e=>{const{deleteVariableHandler:t}=await Promise.resolve().then(()=>(ni(),Gr));return t(e)})),Ni("atoms_list_domains",{title:"List Project Domains",description:"List all domain tags registered in a project's taxonomy, with item counts.\n\nArgs:\n - project_id (string, UUID): Project to inspect\n\nReturns:\n { domains: [{ name, item_count }], total }",inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Qi("atoms_list_domains",async e=>{const{listDomainsHandler:t}=await Promise.resolve().then(()=>(pi(),ai));return t(e)})),Ni("atoms_create_domain",{title:"Create Project Domain",description:'Register a new domain tag in the project taxonomy.\n\nOnce created, items can be tagged with this domain via atoms_create_item or atoms_update_item.\n\nArgs:\n - project_id (string, UUID): Project to add the domain to\n - name (string): Domain name (lowercased automatically, e.g., "safety", "can-bus")\n\nReturns:\n { domain: { name }, message }',inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),name:o.z.string().min(1).max(64).describe("Domain name")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!1,openWorldHint:!1}},Qi("atoms_create_domain",async e=>{const{createDomainHandler:t}=await Promise.resolve().then(()=>(pi(),ai));return t(e)})),Ni("atoms_update_domain",{title:"Rename Project Domain",description:"Rename a domain tag. Updates the taxonomy and propagates to all tagged items.\n\nUse dry_run=true first to see how many items will be affected before committing.\n\nArgs:\n - project_id (string, UUID): Project containing the domain\n - name (string): Current domain name\n - new_name (string): New domain name\n - dry_run (bool, optional): If true, return impact count without making changes (default false)\n\nReturns (dry_run=false):\n { domain: { name }, renamed_from, items_updated, message }\n\nReturns (dry_run=true):\n { dry_run: true, rename: { from, to }, items_affected, message }",inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),name:o.z.string().min(1).max(64).describe("Current domain name"),new_name:o.z.string().min(1).max(64).describe("New domain name"),dry_run:o.z.boolean().optional().describe("Preview impact without applying (default false)")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!1,openWorldHint:!1}},Qi("atoms_update_domain",async e=>{const{updateDomainHandler:t}=await Promise.resolve().then(()=>(pi(),ai));return t(e)})),Ni("atoms_delete_domain",{title:"Delete Project Domain",description:"Delete a domain tag from the project taxonomy.\n\nRefuses by default if any items are tagged with it. With force=true, deletes the\ndomain and strips the tag from all items.\n\nArgs:\n - project_id (string, UUID): Project containing the domain\n - name (string): Domain name to delete\n - force (bool, optional): Strip from items and delete anyway (default false)\n\nReturns:\n { deleted, name, items_updated, message }",inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),name:o.z.string().min(1).max(64).describe("Domain name to delete"),force:o.z.boolean().optional().describe("Strip from all items and delete (default false)"),confirmation_token:o.z.string().max(500).optional().describe("Token from a prior preview call (only used when ATOMS_MCP_REQUIRE_CONFIRMATION is set)")},annotations:{readOnlyHint:!1,destructiveHint:!0,idempotentHint:!1,openWorldHint:!1}},Qi("atoms_delete_domain",async e=>{const{deleteDomainHandler:t}=await Promise.resolve().then(()=>(pi(),ai));return t(e)})),Ji({appName:"summary",htmlFile:"summary-app.html",toolName:"atoms_project_summary",title:"Project Compliance Summary",description:'One-call project health and compliance dashboard.\n\nReturns item counts by type, test execution status, requirement coverage\n(overall and by domain), and recent change activity.\n\nIn MCP App hosts (Claude, ChatGPT), renders an interactive dashboard with charts.\nFalls back to JSON for non-UI clients.\n\nArgs:\n - project_id (string, UUID): Project to summarize\n\nReturns:\n { project_name, counts, test_status, coverage, coverage_by_domain, recent_changes, last_updated }\n\nExamples:\n - "Give me a compliance snapshot" → atoms_project_summary(project_id)\n - "How\'s our test coverage?" → atoms_project_summary(project_id)',inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1},handler:Qi("atoms_project_summary",async e=>{const{projectSummaryHandler:t}=await Promise.resolve().then(()=>(hi(),ui));return t(e)})}),Ji({appName:"browse",htmlFile:"browse-app.html",toolName:"atoms_browse",title:"Browse ATOMS Items",description:'View and filter items in an ATOMS project with a visual browser.\n\nIn MCP App hosts (Claude, ChatGPT), renders an interactive filterable list\nwith expandable item details. Falls back to JSON for non-UI clients.\n\nArgs:\n - project_id (string, UUID): The project to browse\n - type (string, optional): Filter by type (requirement, test-case, note, table)\n - domain (string, optional): Filter by domain tag\n - level (string, optional): Filter by level (System, Subsystem, Component)\n - query (string, optional): Full-text search query\n - limit (number, optional): Max results (default 25, max 100)\n - offset (number, optional): Pagination offset (default 0)\n\nReturns:\n { items: [...], filters: { domains, levels, types }, meta: { total_count, limit, offset, has_more } }\n\nExamples:\n - "Show me the requirements" → atoms_browse(project_id, type="requirement")\n - "Browse safety items" → atoms_browse(project_id, domain="Safety")\n - "Find braking requirements" → atoms_browse(project_id, query="braking")',inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),type:o.z.enum(["requirement","test-case","note","table"]).optional().describe("Filter by item type"),domain:o.z.string().max(64).optional().describe("Filter by domain tag"),level:o.z.string().max(32).optional().describe("Filter by level (System, Subsystem, Component)"),query:o.z.string().max(1e3).optional().describe("Full-text search query"),limit:o.z.number().int().min(1).max(100).default(25).describe("Max results (default 25, max 100)"),offset:o.z.number().int().min(0).default(0).describe("Pagination offset (default 0)")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1},handler:Qi("atoms_browse",async e=>{const{browseHandler:t}=await Promise.resolve().then(()=>(xi(),gi));return t(e)})}),Ni("atoms_impact_analysis",{title:"Analyze Impact of Changing an Item",description:'Analyze the blast radius of changing a specific item.\n\nTraverses the relationship graph from the given item and returns every item that\nwould be affected by a change — with their types, depths, and full relationship paths.\n\nArgs:\n - project_id (string, UUID): Project containing the item\n - item_id (string): Item to analyze (e.g., "REQ-001")\n - direction (string, optional): "downstream" (default) | "upstream" | "both"\n - downstream: what this item affects (children, verified_by)\n - upstream: what affects this item (parents, verifies)\n - both: full bidirectional traversal\n - depth (integer, optional): Max traversal depth. Omit for full depth (all reachable nodes).\n - include_variable_refs (boolean, optional): Reserved for future variable-aware impact. Default true.\n\nReturns:\n { root: { item_id, title, type }, impacted_items: [{ item_id, title, type, depth, relationship_path }], summary: { total_impacted, by_type, max_depth_reached } }\n\nExamples:\n - "What breaks if I change REQ-001?" → atoms_impact_analysis(project_id, "REQ-001")\n - "What\'s upstream of TC-005?" → atoms_impact_analysis(project_id, "TC-005", direction="upstream")\n - "Show direct dependencies only" → atoms_impact_analysis(project_id, "REQ-001", depth=1)\n\nErrors:\n - "Item not found" → verify item_id exists in the project',inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),item_id:o.z.string().min(1).max(20).describe("Item ID to analyze (e.g., REQ-001)"),direction:o.z.enum(["downstream","upstream","both"]).default("downstream").describe("Traversal direction (default: downstream)"),depth:o.z.number().int().min(1).optional().describe("Max traversal depth. Omit for full depth."),include_variable_refs:o.z.boolean().default(!0).describe("Reserved for variable-aware impact (future). Default true.")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Qi("atoms_impact_analysis",async e=>{const{impactAnalysisHandler:t}=await Promise.resolve().then(()=>(Ii(),Si));return t(e)})),Ni("atoms_list_baselines",{title:"List ATOMS Baselines",description:"List named baselines (named project snapshots) for a project, newest first.\n\nA baseline is a labeled moment in time. Use atoms_create_baseline to make one,\natoms_diff_baselines to compare two, and atoms_restore_baseline to roll back.",inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),limit:o.z.number().int().min(1).max(100).default(50).describe("Max results (default 50, max 100)"),offset:o.z.number().int().min(0).default(0).describe("Pagination offset")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Qi("atoms_list_baselines",async e=>{const{listBaselinesHandler:t}=await Promise.resolve().then(()=>(Fi(),Ei));return t(e)})),Ni("atoms_create_baseline",{title:"Create ATOMS Baseline",description:"Create a named baseline (snapshot label) at the current moment for a project.\n\nThe baseline records a name + timestamp. It does NOT copy item data; the project\nstate at that moment is reconstructed via temporal queries against item_revisions.\nNames must be unique per project (case-insensitive).",inputSchema:{project_id:o.z.string().uuid().describe("UUID of the project"),name:o.z.string().min(1).max(200).describe("Baseline name (1-200 chars, unique per project)"),description:o.z.string().max(2e3).optional().describe("Optional description (max 2000 chars)")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!1,openWorldHint:!1}},Qi("atoms_create_baseline",async e=>{const{createBaselineHandler:t}=await Promise.resolve().then(()=>(Fi(),Ei));return t(e)})),Ni("atoms_lock_baseline",{title:"Lock ATOMS Baseline",description:"Lock a baseline so it becomes audit-grade immutable. Admin only. One-way: there is no unlock.\n\nAfter locking, the baseline's name, description, and snapshot_at cannot be changed,\nand it cannot be deleted. Use for regulatory submissions and DRBs.",inputSchema:{baseline_id:o.z.string().uuid().describe("UUID of the baseline to lock")},annotations:{readOnlyHint:!1,destructiveHint:!1,idempotentHint:!1,openWorldHint:!1}},Qi("atoms_lock_baseline",async e=>{const{lockBaselineHandler:t}=await Promise.resolve().then(()=>(Fi(),Ei));return t(e)})),Ni("atoms_diff_baselines",{title:"Diff ATOMS Baselines",description:"Compute the diff between two baselines: which items were added, removed, or modified.\n\nReturns a summary plus a paginated items array. Pass detail=true to include\nper-item field-level diffs (slower for large projects).",inputSchema:{baseline_a_id:o.z.string().uuid().describe("UUID of the first (older) baseline"),baseline_b_id:o.z.string().uuid().describe("UUID of the second (newer) baseline"),detail:o.z.boolean().default(!1).describe("Include per-item field-level diffs (default false)"),limit:o.z.number().int().min(1).max(200).default(50).describe("Max items per page (default 50)"),offset:o.z.number().int().min(0).default(0).describe("Pagination offset")},annotations:{readOnlyHint:!0,destructiveHint:!1,idempotentHint:!0,openWorldHint:!1}},Qi("atoms_diff_baselines",async e=>{const{diffBaselinesHandler:t}=await Promise.resolve().then(()=>(Fi(),Ei));return t(e)})),Ni("atoms_restore_baseline",{title:"Restore from ATOMS Baseline",description:"Restore project state to a baseline. Admin only. Preview-by-default.\n\nCall with confirm=false (default) for a dry run that returns items_to_restore count.\nCall with confirm=true to execute: each item present at the baseline gets a new\nrevision matching its historical state, event_source='restore'. Items added AFTER\nthe baseline are NOT deleted. Always recoverable via further history.",inputSchema:{baseline_id:o.z.string().uuid().describe("UUID of the baseline to restore from"),confirm:o.z.boolean().default(!1).describe("Set true to execute; false (default) returns a preview")},annotations:{readOnlyHint:!1,destructiveHint:!0,idempotentHint:!1,openWorldHint:!1}},Qi("atoms_restore_baseline",async e=>{const{restoreBaselineHandler:t}=await Promise.resolve().then(()=>(Fi(),Ei));return t(e)}))}});F(),q(),Se(),P();var Xi=l.createRequire("undefined"==typeof document?require("url").pathToFileURL(__filename).href:p&&"SCRIPT"===p.tagName.toUpperCase()&&p.src||new URL("index.cjs",document.baseURI).href)("../package.json"),en=process.argv.slice(2)[0];(async function(){switch(en){case"login":{const{login:e}=await Promise.resolve().then(()=>(He(),ke));try{const{email:t}=await e();process.stderr.write(`\n ✓ Authenticated as ${t}\n`),process.stderr.write(" ✓ Credentials saved to ~/.atoms/credentials.json\n\n"),process.stderr.write(" Next steps:\n"),process.stderr.write(" $ claude mcp add atoms -- npx -y @atoms-tech/atoms-mcp\n"),process.stderr.write("\n Or add to Claude Desktop (Settings → MCP → Edit Config):\n"),process.stderr.write(' {\n "mcpServers": {\n "atoms": {\n "command": "npx",\n "args": ["-y", "@atoms-tech/atoms-mcp"]\n }\n }\n }\n\n')}catch(e){process.stderr.write(`\n ✗ ${e instanceof Error?e.message:String(e)}\n\n`),process.exit(1)}break}case"whoami":{const{getValidToken:e}=await Promise.resolve().then(()=>(ue(),ae));try{const{email:t,user_id:r}=await e();process.stderr.write(`\n ✓ Logged in as ${t}\n User ID: ${r}\n\n`)}catch(e){process.stderr.write("\n ✗ Not authenticated.\n Run: npx @atoms-tech/atoms-mcp login\n\n"),process.exit(1)}break}case"logout":{const{clearCredentials:e}=await Promise.resolve().then(()=>(re(),B));await e(),process.stderr.write("Logged out. Credentials removed.\n"),process.stderr.write("Run 'npx @atoms-tech/atoms-mcp login' to authenticate again.\n");break}case"--version":case"-v":process.stderr.write(`@atoms-tech/atoms-mcp v${Xi.version}\n`);break;case"--help":case"-h":process.stderr.write("ATOMS MCP Server — AI agent integration for requirements management\n\nUsage:\n npx @atoms-tech/atoms-mcp Start MCP server (stdio)\n npx @atoms-tech/atoms-mcp login Authenticate with ATOMS.tech\n npx @atoms-tech/atoms-mcp logout Switch account / clear credentials\n npx @atoms-tech/atoms-mcp whoami Show current user\n npx @atoms-tech/atoms-mcp --version Show version\n");break;default:{process.stderr.write("[atoms-mcp] Starting MCP server via stdio...\n");try{const{getValidToken:e}=await Promise.resolve().then(()=>(ue(),ae)),{email:t}=await e();process.stderr.write(`[atoms-mcp] Authenticated as ${t}\n`)}catch{process.stderr.write("[atoms-mcp] No credentials found. Starting login flow...\n");try{const{login:e}=await Promise.resolve().then(()=>(He(),ke)),{email:t}=await e();process.stderr.write(`[atoms-mcp] Authenticated as ${t}\n`)}catch(e){process.stderr.write(`[atoms-mcp] Login failed: ${e instanceof Error?e.message:String(e)}\n[atoms-mcp] Starting server without auth. Tools will fail until you run: npx @atoms-tech/atoms-mcp login\n`)}}try{const t=await fe(),r=be(),i=await async function(e,t){const r=process.env.ATOMS_MCP_ORG_ID?.trim();if(r)return r;const{data:i,error:n}=await e.from("org_members").select("org_id, joined_at").eq("user_id",t).order("joined_at",{ascending:!0}).limit(1).maybeSingle();return n?(process.stderr.write(`[atoms-mcp] Could not resolve session org: ${n.message}\n`),null):i?.org_id??null}(t,r),n=await async function(e,t,r){if(!r)return{role:null,is_member:!1,effective:H};const{data:i,error:n}=await e.rpc("mcp_resolve_policy",{p_user_id:t,p_org_id:r});return n?(process.stderr.write(`[atoms-mcp] mcp_resolve_policy failed (${n.code}): ${n.message}. Falling back to permissive policy.\n`),{role:null,is_member:!1,effective:H}):function(e){if(!e||"object"!=typeof e)return{role:null,is_member:!1,effective:H};const t=e,r="string"==typeof t.role?t.role:null,i=!0===t.is_member,n=t.effective??{},a=(e,t)=>Array.isArray(e)?e.filter(e=>"string"==typeof e):t,s=(e,t)=>"boolean"==typeof e?e:t,o=n.project_scope,d=Array.isArray(o)&&o.length>0?o.filter(e=>"string"==typeof e):null;return{role:r,is_member:i,effective:{read_only:s(n.read_only,H.read_only),lockdown:s(n.lockdown,H.lockdown),block_destructive:s(n.block_destructive,H.block_destructive),block_bulk_import:s(n.block_bulk_import,H.block_bulk_import),cross_project_browse:s(n.cross_project_browse,H.cross_project_browse),allowed_toolsets:a(n.allowed_toolsets,H.allowed_toolsets),forbidden_tools:a(n.forbidden_tools,H.forbidden_tools),project_scope:d,require_confirmation_for:a(n.require_confirmation_for,H.require_confirmation_for)}}}(i)}(t,r,i);e={effective:n.effective,role:n.role,org_id:i},D=e.effective,R=e.org_id,n.is_member&&i?process.stderr.write(`[atoms-mcp] Org policy loaded: org=${i.slice(0,8)}… role=${n.role??"?"} read_only=${n.effective.read_only} lockdown=${n.effective.lockdown}\n`):process.stderr.write("[atoms-mcp] No org membership detected — running with permissive default policy.\n")}catch(e){process.stderr.write(`[atoms-mcp] Could not resolve session policy (${e instanceof Error?e.message:String(e)}). Running with permissive default — RLS still enforces row-level access.\n`)}process.stderr.write(`[atoms-mcp] Tool registry: ${function(){const e=N(),t=$(),r=[];r.push(e?"read-only":"read+write"),null===t?r.push("all toolsets"):(r.push(`toolsets=${[...t.allowed].sort().join(",")||"(none — only always-on tools)"}`),t.unknown.length>0&&r.push(`unknown=${t.unknown.join(",")}`));const i=process.env.ATOMS_MCP_PROJECT_ID?.trim();return i&&r.push(`project_scope=${i.slice(0,8)}…`),("1"===process.env.ATOMS_MCP_LOCKDOWN||"true"===process.env.ATOMS_MCP_LOCKDOWN)&&r.push("lockdown=on"),r.join(" | ")}()}\n`);const{server:t}=await Promise.resolve().then(()=>(Zi(),Bi)),r=new m.StdioServerTransport;await t.connect(r),process.stderr.write("[atoms-mcp] MCP server running. Waiting for tool calls...\n")}}var e})().catch(e=>{process.stderr.write(`[atoms-mcp] Fatal: ${e instanceof Error?e.message:String(e)}\n`),process.exit(1)});