npm - @azure-devops/mcp - Versions diffs - 2.5.0-nightly.20260413 → 2.5.0-nightly.20260415 - Mend

@azure-devops/mcp 2.5.0-nightly.20260413 → 2.5.0-nightly.20260415

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/auth.js +13 -0
package/dist/index.js +23 -5
package/dist/tools/repositories.js +46 -12
package/dist/tools/work-items.js +11 -3
package/dist/version.js +1 -1
package/package.json +2 -2

package/dist/auth.js CHANGED Viewed

@@ -71,6 +71,19 @@ class OAuthAuthenticator {
 function createAuthenticator(type, tenantId) {
     logger.debug(`Creating authenticator of type '${type}' with tenantId='${tenantId ?? "undefined"}'`);
     switch (type) {
+        case "pat":
+            logger.debug(`Authenticator: Using PAT authentication (PERSONAL_ACCESS_TOKEN)`);
+            return async () => {
+                logger.debug(`${type}: Reading token from PERSONAL_ACCESS_TOKEN environment variable`);
+                const b64Pat = process.env["PERSONAL_ACCESS_TOKEN"];
+                if (!b64Pat) {
+                    logger.error(`${type}: PERSONAL_ACCESS_TOKEN environment variable is not set or empty`);
+                    throw new Error("Environment variable 'PERSONAL_ACCESS_TOKEN' is not set or empty. Please set it with a valid base64-encoded Azure DevOps Personal Access Token.");
+                }
+                // Return base64 value as-is — caller uses it directly as the Basic auth credential
+                logger.debug(`${type}: Successfully retrieved PAT from environment variable`);
+                return b64Pat;
+            };
         case "envvar":
             logger.debug(`Authenticator: Using environment variable authentication (ADO_MCP_AUTH_TOKEN)`);
             // Read token from fixed environment variable

package/dist/index.js CHANGED Viewed

@@ -3,7 +3,7 @@
 // Licensed under the MIT License.
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
-import { getBearerHandler, WebApi } from "azure-devops-node-api";
+import { getBearerHandler, getPersonalAccessTokenHandler, WebApi } from "azure-devops-node-api";
 import yargs from "yargs";
 import { hideBin } from "yargs/helpers";
 import { createAuthenticator } from "./auth.js";
@@ -41,7 +41,7 @@ const argv = yargs(hideBin(process.argv))
     alias: "a",
     describe: "Type of authentication to use",
     type: "string",
-    choices: ["interactive", "azcli", "env", "envvar"],
+    choices: ["interactive", "azcli", "env", "envvar", "pat"],
     default: defaultAuthenticationType,
 })
     .option("tenant", {
@@ -55,10 +55,12 @@ export const orgName = argv.organization;
 const orgUrl = "https://dev.azure.com/" + orgName;
 const domainsManager = new DomainsManager(argv.domains);
 export const enabledDomains = domainsManager.getEnabledDomains();
-function getAzureDevOpsClient(getAzureDevOpsToken, userAgentComposer) {
+function getAzureDevOpsClient(getAzureDevOpsToken, userAgentComposer, authType) {
     return async () => {
         const accessToken = await getAzureDevOpsToken();
-        const authHandler = getBearerHandler(accessToken);
+        // For pat, accessToken is base64("{email}:{token}"). Decode to extract the token part,
+        // since getPersonalAccessTokenHandler prepends ":" internally and just needs the raw token.
+        const authHandler = authType === "pat" ? getPersonalAccessTokenHandler(Buffer.from(accessToken, "base64").toString("utf8").split(":").slice(1).join(":")) : getBearerHandler(accessToken);
         const connection = new WebApi(orgUrl, authHandler, undefined, {
             productName: "AzureDevOps.MCP",
             productVersion: packageVersion,
@@ -93,9 +95,25 @@ async function main() {
     };
     const tenantId = (await getOrgTenant(orgName)) ?? argv.tenant;
     const authenticator = createAuthenticator(argv.authentication, tenantId);
+    if (argv.authentication === "pat") {
+        const basicValue = await authenticator();
+        // basicValue is already base64("{email}:{token}") — use it directly in the Authorization header
+        const _originalFetch = globalThis.fetch;
+        globalThis.fetch = async (input, init) => {
+            if (init?.headers) {
+                const headers = new Headers(init.headers);
+                if (headers.get("Authorization")?.startsWith("Bearer ")) {
+                    headers.set("Authorization", `Basic ${basicValue}`);
+                    init = { ...init, headers };
+                }
+            }
+            return _originalFetch(input, init);
+        };
+        logger.debug("PAT mode: global fetch interceptor installed to rewrite Bearer -> Basic auth headers");
+    }
     // removing prompts untill further notice
     // configurePrompts(server);
-    configureAllTools(server, authenticator, getAzureDevOpsClient(authenticator, userAgentComposer), () => userAgentComposer.userAgent, enabledDomains);
+    configureAllTools(server, authenticator, getAzureDevOpsClient(authenticator, userAgentComposer, argv.authentication), () => userAgentComposer.userAgent, enabledDomains);
     const transport = new StdioServerTransport();
     await server.connect(transport);
 }

package/dist/tools/repositories.js CHANGED Viewed

@@ -811,42 +811,76 @@ function configureRepoTools(server, tokenProvider, connectionProvider, userAgent
         project: z.string().optional().describe("Project ID or project name. Required when repositoryId is a repository name instead of a GUID."),
         includeWorkItemRefs: z.boolean().optional().default(false).describe("Whether to reference work items associated with the pull request."),
         includeLabels: z.boolean().optional().default(false).describe("Whether to include a summary of labels in the response."),
-    }, async ({ repositoryId, pullRequestId, project, includeWorkItemRefs, includeLabels }) => {
+        includeChangedFiles: z.boolean().optional().default(false).describe("Whether to include the list of files changed in the pull request."),
+    }, async ({ repositoryId, pullRequestId, project, includeWorkItemRefs, includeLabels, includeChangedFiles }) => {
         try {
             const connection = await connectionProvider();
             const gitApi = await connection.getGitApi();
             const pullRequest = await gitApi.getPullRequest(repositoryId, pullRequestId, project, undefined, undefined, undefined, undefined, includeWorkItemRefs);
+            let enhancedResponse = { ...pullRequest };
             if (includeLabels) {
                 try {
                     const projectId = pullRequest.repository?.project?.id;
                     const projectName = pullRequest.repository?.project?.name;
                     const labels = await gitApi.getPullRequestLabels(repositoryId, pullRequestId, projectName, projectId);
                     const labelNames = labels.map((label) => label.name).filter((name) => name !== undefined);
-                    const enhancedResponse = {
-                        ...pullRequest,
+                    enhancedResponse = {
+                        ...enhancedResponse,
                         labelSummary: {
                             labels: labelNames,
                             labelCount: labelNames.length,
                         },
                     };
-                    return {
-                        content: [{ type: "text", text: JSON.stringify(enhancedResponse, null, 2) }],
-                    };
                 }
                 catch (error) {
                     console.warn(`Error fetching PR labels: ${error instanceof Error ? error.message : "Unknown error"}`);
-                    // Fall back to the original response without labels
-                    const enhancedResponse = {
-                        ...pullRequest,
+                    enhancedResponse = {
+                        ...enhancedResponse,
                         labelSummary: {},
                     };
-                    return {
-                        content: [{ type: "text", text: JSON.stringify(enhancedResponse, null, 2) }],
+                }
+            }
+            if (includeChangedFiles) {
+                try {
+                    const iterations = await gitApi.getPullRequestIterations(repositoryId, pullRequestId, project);
+                    if (iterations?.length) {
+                        const latestIteration = iterations[iterations.length - 1];
+                        if (latestIteration.id != null) {
+                            const changes = await gitApi.getPullRequestIterationChanges(repositoryId, pullRequestId, latestIteration.id, project);
+                            enhancedResponse = {
+                                ...enhancedResponse,
+                                changedFilesSummary: {
+                                    changeEntries: changes?.changeEntries ?? [],
+                                    fileCount: changes?.changeEntries?.length ?? 0,
+                                    nextSkip: changes?.nextSkip,
+                                    nextTop: changes?.nextTop,
+                                },
+                            };
+                        }
+                        else {
+                            enhancedResponse = {
+                                ...enhancedResponse,
+                                changedFilesSummary: { changeEntries: [], fileCount: 0 },
+                            };
+                        }
+                    }
+                    else {
+                        enhancedResponse = {
+                            ...enhancedResponse,
+                            changedFilesSummary: { changeEntries: [], fileCount: 0 },
+                        };
+                    }
+                }
+                catch (error) {
+                    console.warn(`Error fetching PR changed files: ${error instanceof Error ? error.message : "Unknown error"}`);
+                    enhancedResponse = {
+                        ...enhancedResponse,
+                        changedFilesSummary: {},
                     };
                 }
             }
             return {
-                content: [{ type: "text", text: JSON.stringify(pullRequest, null, 2) }],
+                content: [{ type: "text", text: JSON.stringify(enhancedResponse, null, 2) }],
             };
         }
         catch (error) {

package/dist/tools/work-items.js CHANGED Viewed

@@ -222,13 +222,16 @@ function configureWorkItemTools(server, tokenProvider, connectionProvider, userA
     server.tool(WORKITEM_TOOLS.get_work_item, "Get a single work item by ID. If a project is not specified, you will be prompted to select one.", {
         id: z.coerce.number().min(1).describe("The ID of the work item to retrieve."),
         project: z.string().optional().describe("The name or ID of the Azure DevOps project. Reuse from prior context if already known. If not provided, a project selection prompt will be shown."),
-        fields: z.array(z.string()).optional().describe("Optional list of fields to include in the response. If not provided, all fields will be returned."),
+        fields: z
+            .array(z.string())
+            .optional()
+            .describe("Optional list of fields to include in the response. If not provided, all fields will be returned. Cannot be used together with the expand parameter."),
         asOf: z.coerce.date().optional().describe("Optional date string to retrieve the work item as of a specific time. If not provided, the current state will be returned."),
         expand: z
             .enum(["all", "fields", "links", "none", "relations"])
-            .describe("Optional expand parameter to include additional details in the response.")
+            .describe("Optional expand parameter to include additional details in the response. Cannot be used together with the fields parameter.")
             .optional()
-            .describe("Expand options include 'all', 'fields', 'links', 'none', and 'relations'. Relations can be used to get child workitems. Defaults to 'none'."),
+            .describe("Expand options include 'All', 'Fields', 'Links', 'None', and 'Relations'. Relations can be used to get child workitems. Defaults to 'None'. Cannot be used together with the fields parameter."),
     }, async ({ id, project, fields, asOf, expand }) => {
         try {
             const connection = await connectionProvider();
@@ -239,6 +242,11 @@ function configureWorkItemTools(server, tokenProvider, connectionProvider, userA
                     return result.response;
                 resolvedProject = result.resolved;
             }
+            // The Azure DevOps API does not support using expand and fields together.
+            // When both are provided, prefer fields as it is the more specific selection.
+            if (fields && fields.length > 0 && expand != null) {
+                expand = "none";
+            }
             const workItemApi = await connection.getWorkItemTrackingApi();
             const workItem = await workItemApi.getWorkItem(id, fields, asOf, expand, resolvedProject);
             return {

package/dist/version.js CHANGED Viewed

	@@ -1 +1 @@
1	- export const packageVersion = "2.5.0-nightly.~~20260413~~";
1	+ export const packageVersion = "2.5.0-nightly.20260415";

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@azure-devops/mcp",
-  "version": "2.5.0-nightly.20260413",
+  "version": "2.5.0-nightly.20260415",
   "mcpName": "microsoft.com/azure-devops",
   "description": "MCP server for interacting with Azure DevOps",
   "license": "MIT",
@@ -59,7 +59,7 @@
     "jest": "^30.0.2",
     "jest-extended": "^7.0.0",
     "lint-staged": "^16.2.7",
-    "prettier": "3.8.2",
+    "prettier": "3.8.3",
     "shx": "^0.4.0",
     "ts-jest": "^29.4.6",
     "tsconfig-paths": "^4.2.0",