@crypto512/jicon-mcp 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/.jicon.json.safewrite +17 -0
  2. package/README.md +40 -9
  3. package/dist/config/types.js +3 -3
  4. package/dist/config/types.js.map +1 -1
  5. package/package.json +1 -1
package/.jicon.json.safewrite ADDED
@@ -0,0 +1,17 @@
1
+ {
2
+ "jira": {
3
+ "url": "https://jira.example.com",
4
+ "username": "your-email@example.com",
5
+ "token": "your-jira-api-token"
6
+ },
7
+ "confluence": {
8
+ "url": "https://confluence.example.com",
9
+ "username": "your-email@example.com",
10
+ "token": "your-confluence-api-token"
11
+ },
12
+ "permissions": {
13
+ "mode": "custom",
14
+ "whitelist": ["jira_read", "confluence_write", "tempo_read"],
15
+ "confluenceWriteHome": true
16
+ }
17
+ }
package/README.md CHANGED
@@ -115,15 +115,17 @@ Add to `opencode.jsonc` in your project root or `~/.config/opencode/opencode.jso
115
115
  | `JIRA_URL` | Your Jira instance URL |
116
116
  | `JIRA_USERNAME` | Your email (omit for Data Center PAT) |
117
117
  | `JIRA_API_TOKEN` | API token or Personal Access Token |
118
+ | `JIRA_AUTH_TYPE` | Optional: `basic` or `bearer` (auto-detected from username) |
118
119
  | `CONFLUENCE_URL` | Your Confluence instance URL |
119
120
  | `CONFLUENCE_USERNAME` | Your email (omit for Data Center PAT) |
120
121
  | `CONFLUENCE_API_TOKEN` | API token or Personal Access Token |
122
+ | `CONFLUENCE_AUTH_TYPE` | Optional: `basic` or `bearer` (auto-detected from username) |
121
123
 
122
124
  **Note:** Tempo uses the same Jira credentials - no separate configuration needed.
123
125
 
124
126
  ### Configuration File (Optional)
125
127
 
126
- Create `.jicon.json` in your project root for project-specific settings:
128
+ Create `.jicon.json` in your project root for project-specific settings, or `~/.config/jicon/jicon.json` for user-wide settings:
127
129
 
128
130
  ```json
129
131
  {
@@ -140,33 +142,56 @@ Create `.jicon.json` in your project root for project-specific settings:
140
142
  }
141
143
  ```
142
144
 
145
+ **Priority:** Project config → User config → Environment variables
146
+
143
147
  **Important:** Add `.jicon.json` to your `.gitignore`!
144
148
 
145
149
  ### Permission Modes
146
150
 
147
- Control what operations are allowed:
151
+ Control what operations are allowed. **By default, Jicon runs in read-only mode** - all read tools across Jira, Confluence, and Tempo are available, but no write operations. Safe for exploration without risk of accidental modifications.
152
+
153
+ **Read-Only** (default) - all read tools enabled:
154
+ ```json
155
+ { "permissions": { "mode": "readonly" } }
156
+ ```
148
157
 
149
- **Full Access** (default):
158
+ **Full Access** - all operations enabled:
150
159
  ```json
151
160
  { "permissions": { "mode": "full" } }
152
161
  ```
153
162
 
154
- **Read-Only** - safe for exploration:
163
+ **Custom** - fine-grained control with whitelist and blacklist:
155
164
  ```json
156
- { "permissions": { "mode": "readonly" } }
165
+ {
166
+ "permissions": {
167
+ "mode": "custom",
168
+ "whitelist": ["jira_all", "confluence_all", "tempo_all"],
169
+ "blacklist": ["confluence_delete_page", "tempo_delete_worklog"]
170
+ }
171
+ }
157
172
  ```
158
173
 
159
- **Custom** - fine-grained control:
174
+ **Safe Write** - recommended for controlled write access:
160
175
  ```json
161
176
  {
162
177
  "permissions": {
163
178
  "mode": "custom",
164
- "whitelist": ["jira_read", "confluence_read", "tempo_all"]
179
+ "whitelist": ["jira_read", "confluence_write", "tempo_read"],
180
+ "confluenceWriteHome": true
165
181
  }
166
182
  }
167
183
  ```
168
184
 
169
- Available virtual actions: `jira_read`, `jira_write`, `jira_all`, `confluence_read`, `confluence_write`, `confluence_all`, `tempo_read`, `tempo_write`, `tempo_all`
185
+ This configuration allows:
186
+ - **Jira**: Read-only (search, view issues, sprints, boards)
187
+ - **Confluence**: Write restricted to your personal space only
188
+ - **Tempo**: Read-only (view worklogs, no time logging)
189
+
190
+ The `confluenceWriteHome: true` setting ensures all Confluence write operations (drafts, comments, attachments) can only target your personal space, preventing accidental modifications to shared team spaces.
191
+
192
+ **Virtual actions** (for whitelist): `jira_read`, `jira_write`, `jira_all`, `confluence_read`, `confluence_write`, `confluence_all`, `tempo_read`, `tempo_write`, `tempo_all`
193
+
194
+ **Individual tools** (for blacklist): See [TOOL_LIST.md](TOOL_LIST.md) for all tool names (e.g., `confluence_delete_page`, `tempo_delete_worklog`)
170
195
 
171
196
  ## Authentication
172
197
 
@@ -205,7 +230,13 @@ Plus utility tools for content buffering, time calculations, URL generation, and
205
230
 
206
231
  ### Safe Confluence Editing
207
232
 
208
- Confluence changes go through a draft workflow - drafts are created for your review before publishing. No accidental overwrites.
233
+ Confluence write operations use a **draft workflow** for safety:
234
+
235
+ 1. **Draft Creation**: When asked to create or edit content, Jicon creates a draft in your personal space
236
+ 2. **User Review**: You review the draft content before it goes live
237
+ 3. **Manual Publish**: You decide when and where to publish the final content
238
+
239
+ This means the AI assistant **never directly publishes** to shared team spaces - all changes are staged as drafts that require your explicit approval. Combined with `confluenceWriteHome: true`, this ensures complete control over what gets published.
209
240
 
210
241
  ### PlantUML Diagrams
211
242
 
package/dist/config/types.js CHANGED
@@ -22,13 +22,13 @@ export const PermissionsConfigSchema = z.object({
22
22
  confluenceWriteHome: z.boolean().default(false),
23
23
  });
24
24
  // Main configuration schema
25
- // Default: custom mode with jira_read + confluence_read only (Tempo disabled by default)
25
+ // Default: readonly mode for safety (no write operations allowed)
26
26
  export const ConfigSchema = z.object({
27
27
  jira: ServiceConfigSchema.optional(),
28
28
  confluence: ServiceConfigSchema.optional(),
29
29
  permissions: PermissionsConfigSchema.default({
30
- mode: "custom",
31
- whitelist: ["jira_read", "confluence_read"],
30
+ mode: "readonly",
31
+ whitelist: [],
32
32
  blacklist: [],
33
33
  }),
34
34
  });
package/dist/config/types.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/config/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,6BAA6B;AAC7B,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC;AAG1D,+BAA+B;AAC/B,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1C,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;IACrB,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC/B,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;IACjB,QAAQ,EAAE,cAAc,CAAC,QAAQ,EAAE;CACpC,CAAC,CAAC;AAIH,yBAAyB;AACzB,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC;AAG3E,mCAAmC;AACnC,MAAM,CAAC,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC9C,IAAI,EAAE,oBAAoB,CAAC,OAAO,CAAC,UAAU,CAAC;IAC9C,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAC1C,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAC1C,iFAAiF;IACjF,mBAAmB,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;CAChD,CAAC,CAAC;AAIH,4BAA4B;AAC5B,yFAAyF;AACzF,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC;IACnC,IAAI,EAAE,mBAAmB,CAAC,QAAQ,EAAE;IACpC,UAAU,EAAE,mBAAmB,CAAC,QAAQ,EAAE;IAC1C,WAAW,EAAE,uBAAuB,CAAC,OAAO,CAAC;QAC3C,IAAI,EAAE,QAAQ;QACd,SAAS,EAAE,CAAC,WAAW,EAAE,iBAAiB,CAAC;QAC3C,SAAS,EAAE,EAAE;KACd,CAAC;CACH,CAAC,CAAC"}
1
+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/config/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,6BAA6B;AAC7B,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC;AAG1D,+BAA+B;AAC/B,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1C,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;IACrB,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC/B,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;IACjB,QAAQ,EAAE,cAAc,CAAC,QAAQ,EAAE;CACpC,CAAC,CAAC;AAIH,yBAAyB;AACzB,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC;AAG3E,mCAAmC;AACnC,MAAM,CAAC,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC9C,IAAI,EAAE,oBAAoB,CAAC,OAAO,CAAC,UAAU,CAAC;IAC9C,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAC1C,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IAC1C,iFAAiF;IACjF,mBAAmB,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;CAChD,CAAC,CAAC;AAIH,4BAA4B;AAC5B,kEAAkE;AAClE,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC;IACnC,IAAI,EAAE,mBAAmB,CAAC,QAAQ,EAAE;IACpC,UAAU,EAAE,mBAAmB,CAAC,QAAQ,EAAE;IAC1C,WAAW,EAAE,uBAAuB,CAAC,OAAO,CAAC;QAC3C,IAAI,EAAE,UAAU;QAChB,SAAS,EAAE,EAAE;QACb,SAAS,EAAE,EAAE;KACd,CAAC;CACH,CAAC,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@crypto512/jicon-mcp",
3
- "version": "1.0.1",
3
+ "version": "1.0.3",
4
4
  "description": "Model Context Protocol server for Jira, Confluence, and Tempo integration",
5
5
  "main": "dist/index.js",
6
6
  "type": "module",