npm - @cyanheads/cpsc-recalls-mcp-server - Versions diffs - 0.1.2 → 0.1.4 - Mend

@cyanheads/cpsc-recalls-mcp-server 0.1.2 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/AGENTS.md CHANGED Viewed

@@ -1,8 +1,8 @@
 # Developer Protocol
 **Server:** cpsc-recalls-mcp-server
-**Version:** 0.1.2
-**Framework:** [@cyanheads/mcp-ts-core](https://www.npmjs.com/package/@cyanheads/mcp-ts-core) `^0.9.19`
+**Version:** 0.1.4
+**Framework:** [@cyanheads/mcp-ts-core](https://www.npmjs.com/package/@cyanheads/mcp-ts-core) `^0.10.9`
 **Engines:** Bun ≥1.3.0, Node ≥24.0.0
 **MCP SDK:** `@modelcontextprotocol/sdk` ^1.29.0
 **Zod:** ^4.4.3
@@ -262,6 +262,7 @@ Available skills:
 | `git-wrapup` | Land working-tree changes as a versioned commit + annotated tag — version bump, changelog, verify, tag. Local only. |
 | `release-and-publish` | Push + npm + MCP Registry + GH Release + Docker. Picks up from `git-wrapup` |
 | `maintenance` | Investigate changelogs, adopt upstream changes, sync skills to agent dirs |
+| `orchestrations` | Chain task skills into a gated multi-phase pipeline — build-out, QA-fix, update-ship — when you can spawn sub-agents |
 | `report-issue-framework` | File a bug or feature request against `@cyanheads/mcp-ts-core` via `gh` CLI |
 | `report-issue-local` | File a bug or feature request against this server's own repo via `gh` CLI |
 | `api-auth` | Auth modes, scopes, JWT/OAuth |

package/CLAUDE.md CHANGED Viewed

@@ -1,8 +1,8 @@
 # Developer Protocol
 **Server:** cpsc-recalls-mcp-server
-**Version:** 0.1.2
-**Framework:** [@cyanheads/mcp-ts-core](https://www.npmjs.com/package/@cyanheads/mcp-ts-core) `^0.9.19`
+**Version:** 0.1.4
+**Framework:** [@cyanheads/mcp-ts-core](https://www.npmjs.com/package/@cyanheads/mcp-ts-core) `^0.10.9`
 **Engines:** Bun ≥1.3.0, Node ≥24.0.0
 **MCP SDK:** `@modelcontextprotocol/sdk` ^1.29.0
 **Zod:** ^4.4.3
@@ -262,6 +262,7 @@ Available skills:
 | `git-wrapup` | Land working-tree changes as a versioned commit + annotated tag — version bump, changelog, verify, tag. Local only. |
 | `release-and-publish` | Push + npm + MCP Registry + GH Release + Docker. Picks up from `git-wrapup` |
 | `maintenance` | Investigate changelogs, adopt upstream changes, sync skills to agent dirs |
+| `orchestrations` | Chain task skills into a gated multi-phase pipeline — build-out, QA-fix, update-ship — when you can spawn sub-agents |
 | `report-issue-framework` | File a bug or feature request against `@cyanheads/mcp-ts-core` via `gh` CLI |
 | `report-issue-local` | File a bug or feature request against this server's own repo via `gh` CLI |
 | `api-auth` | Auth modes, scopes, JWT/OAuth |

package/Dockerfile CHANGED Viewed

@@ -37,9 +37,11 @@ WORKDIR /usr/src/app
 ENV NODE_ENV=production
 # OCI image metadata (https://github.com/opencontainers/image-spec/blob/main/annotations.md)
+ARG APP_VERSION
 LABEL org.opencontainers.image.title="cpsc-recalls-mcp-server"
 LABEL org.opencontainers.image.description="MCP server for US consumer product recalls from the Consumer Product Safety Commission — hazards, remedies, and affected products."
 LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.version="${APP_VERSION}"
 LABEL org.opencontainers.image.source="https://github.com/cyanheads/cpsc-recalls-mcp-server"
 # Copy dependency manifests
@@ -95,5 +97,8 @@ ENV MCP_FORCE_CONSOLE_LOGGING="true"
 # Expose the port the server listens on
 EXPOSE ${MCP_HTTP_PORT}
+# Health check using a bun-native fetch (slim image ships no curl/wget)
+HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 CMD bun -e "fetch('http://localhost:'+(process.env.MCP_HTTP_PORT??'3010')+'/healthz').then((r)=>process.exit(r.ok?0:1)).catch(()=>process.exit(1))"
 # The command to start the server
 CMD ["bun", "run", "dist/index.js"]

package/README.md CHANGED Viewed

@@ -7,7 +7,7 @@
 <div align="center">
-[![Version](https://img.shields.io/badge/Version-0.1.2-blue.svg?style=flat-square)](./CHANGELOG.md) [![License](https://img.shields.io/badge/License-Apache%202.0-orange.svg?style=flat-square)](./LICENSE) [![Docker](https://img.shields.io/badge/Docker-ghcr.io-2496ED?style=flat-square&logo=docker&logoColor=white)](https://github.com/users/cyanheads/packages/container/package/cpsc-recalls-mcp-server) [![MCP SDK](https://img.shields.io/badge/MCP%20SDK-^1.29.0-green.svg?style=flat-square)](https://modelcontextprotocol.io/) [![npm](https://img.shields.io/npm/v/@cyanheads/cpsc-recalls-mcp-server?style=flat-square&logo=npm&logoColor=white)](https://www.npmjs.com/package/@cyanheads/cpsc-recalls-mcp-server) [![TypeScript](https://img.shields.io/badge/TypeScript-^5.9.3-3178C6.svg?style=flat-square)](https://www.typescriptlang.org/) [![Bun](https://img.shields.io/badge/Bun-v1.3.0+-blueviolet.svg?style=flat-square)](https://bun.sh/)
+[![Version](https://img.shields.io/badge/Version-0.1.4-blue.svg?style=flat-square)](./CHANGELOG.md) [![License](https://img.shields.io/badge/License-Apache%202.0-orange.svg?style=flat-square)](./LICENSE) [![Docker](https://img.shields.io/badge/Docker-ghcr.io-2496ED?style=flat-square&logo=docker&logoColor=white)](https://github.com/users/cyanheads/packages/container/package/cpsc-recalls-mcp-server) [![MCP SDK](https://img.shields.io/badge/MCP%20SDK-^1.29.0-green.svg?style=flat-square)](https://modelcontextprotocol.io/) [![npm](https://img.shields.io/npm/v/@cyanheads/cpsc-recalls-mcp-server?style=flat-square&logo=npm&logoColor=white)](https://www.npmjs.com/package/@cyanheads/cpsc-recalls-mcp-server) [![TypeScript](https://img.shields.io/badge/TypeScript-^6.0.3-3178C6.svg?style=flat-square)](https://www.typescriptlang.org/) [![Bun](https://img.shields.io/badge/Bun-v1.3.0+-blueviolet.svg?style=flat-square)](https://bun.sh/)
 </div>

package/changelog/0.1.x/0.1.3.md ADDED Viewed

@@ -0,0 +1,31 @@
+---
+summary: "Maintenance: @cyanheads/mcp-ts-core ^0.9.19 → ^0.10.6; explicit name/title identity pair; bundle-content guards + agent-doc strip; Dockerfile healthcheck"
+breaking: false
+security: false
+---
+# 0.1.3 — 2026-06-11
+Framework and toolchain refresh adopting the `@cyanheads/mcp-ts-core` 0.10.x scaffold improvements. No tool surface or behavior changes — the three CPSC tools are unaffected.
+## Added
+- **`name` / `title` identity pair** — `createApp()` now sets both to `cpsc-recalls-mcp-server`, populating `initialize` serverInfo and `/.well-known/mcp.json` with the machine name instead of relying on the scoped npm `name`. Enforced by `lint:packaging` check 9 ([mcp-ts-core #231](https://github.com/cyanheads/mcp-ts-core/issues/231)).
+- **`scripts/clean-mcpb.ts`** — post-pack bundle cleaner wired into the `bundle` script: runs `mcpb clean`, then strips `node_modules/**` agent-doc entries (`skills/`, `.claude/`, `.agents/`, `SKILL.md`) that root-anchored `.mcpbignore` patterns can't reach ([mcp-ts-core #230](https://github.com/cyanheads/mcp-ts-core/issues/230)).
+- **`lint-packaging.ts` checks 5–9** — bundle-content guards (dev dirs excluded at root, no unanchored patterns stripping `node_modules` runtime paths, no critical-path stripping), post-bundle agent-doc content check, and `name`/`title`/`display_name` identity checks ([mcp-ts-core #207](https://github.com/cyanheads/mcp-ts-core/issues/207), [#230](https://github.com/cyanheads/mcp-ts-core/issues/230), [#231](https://github.com/cyanheads/mcp-ts-core/issues/231)).
+- **`coerce-boolean-env-flag` antipattern rule** — `check-framework-antipatterns.ts` now flags `z.coerce.boolean()` (can't be disabled via env: `Boolean("false") === true`), recommending `z.stringbool()`; the scanner skips comment lines so docs naming the pattern don't false-positive ([mcp-ts-core #201](https://github.com/cyanheads/mcp-ts-core/issues/201)).
+- **`Dockerfile` HEALTHCHECK** — `bun -e fetch(...)` against `/healthz` every 30s; no `curl`/`wget` dependency in the slim image ([mcp-ts-core #217](https://github.com/cyanheads/mcp-ts-core/issues/217)).
+- **`orchestrations` and `techniques` skills** — pipeline-chaining workflows and the response/data-shaping pattern catalog, synced from the framework.
+## Changed
+- **`Dockerfile` OCI version label** — `org.opencontainers.image.version` stamped from an `APP_VERSION` build arg passed by the release `docker buildx` command ([mcp-ts-core #202](https://github.com/cyanheads/mcp-ts-core/issues/202)).
+- **`.mcpbignore` patterns anchored** — root dev-dir patterns (`/skills/`, `/.claude/`, `/.agents/`, `/Dockerfile`, etc.) re-anchored with a leading `/` so they no longer strip nested `node_modules` runtime paths ([mcp-ts-core #207](https://github.com/cyanheads/mcp-ts-core/issues/207)).
+## Dependency bumps
+- `@cyanheads/mcp-ts-core` ^0.9.19 → ^0.10.6
+- `typescript` ^5.9.3 → ^6.0.3 (dev)
+- `@types/node` ^25.6.0 → ^25.9.3 (dev)
+- `@biomejs/biome` ^2.4.7 → ^2.4.16 (dev)
+- `tsc-alias` ^1.8.16 → ^1.8.17 (dev)

package/changelog/0.1.x/0.1.4.md ADDED Viewed

@@ -0,0 +1,26 @@
+---
+summary: "Maintenance: @cyanheads/mcp-ts-core ^0.10.6 → ^0.10.9; plugin-manifest packaging checks enabled; biome 2.5, @types/node 26, vitest 4.1.9 refresh"
+breaking: false
+security: false
+---
+# 0.1.4 — 2026-06-20
+Framework and toolchain refresh adopting `@cyanheads/mcp-ts-core` 0.10.7–0.10.9. No tool surface or behavior changes — the three CPSC tools are unaffected.
+## Added
+- **`devcheck.config.json` `packaging.pluginManifests: true`** — opts into the framework's new `lint:packaging` check 10, validating `.claude-plugin/plugin.json`, `.codex-plugin/plugin.json`, and `.codex-plugin/mcp.json` for non-empty descriptions, unscoped display fields, and a full-package-name `npx -y` install arg (mcp-ts-core [#240](https://github.com/cyanheads/mcp-ts-core/issues/240)).
+- **`scripts/check-dependency-specifiers.ts`** — new devcheck step synced from the framework; hard-fails on floating dependency specifiers (`latest`, `*`, pre-release dist-tags) in `package.json` and the `bun.lock` workspaces map, catching a `bun update --latest` writing a `latest` dist-tag into the lock (mcp-ts-core [#246](https://github.com/cyanheads/mcp-ts-core/issues/246)).
+## Changed
+- **devcheck fresh-scaffold guards** — `build-changelog.ts`, `devcheck.ts`, `check-framework-antipatterns.ts`, and `check-skill-versions.ts` re-synced: changelog `--check` exits cleanly on an empty version tree, git-dependent checks skip when `.git` is absent, and a `SKILL.md` deleted from the worktree no longer crashes the version check (mcp-ts-core [#237](https://github.com/cyanheads/mcp-ts-core/issues/237), [#242](https://github.com/cyanheads/mcp-ts-core/issues/242), [#243](https://github.com/cyanheads/mcp-ts-core/issues/243)).
+- **14 `skills/<name>/SKILL.md` re-synced** — picks up the framework's pre-0.9.18 body drift propagated via `metadata.version` bumps (`api-auth`, `api-errors`, `api-services`, `api-telemetry`, `field-test`, `report-issue-local`, `tool-defs-analysis`) plus the `git-wrapup` v1.4 / `orchestrations` v1.4 guidance updates (mcp-ts-core [#238](https://github.com/cyanheads/mcp-ts-core/issues/238)).
+## Dependency bumps
+- `@cyanheads/mcp-ts-core` ^0.10.6 → ^0.10.9
+- `@biomejs/biome` ^2.4.16 → ^2.5.0 (dev)
+- `@types/node` ^25.9.3 → ^26.0.0 (dev)
+- `vitest` ^4.1.8 → ^4.1.9 (dev)

package/dist/index.js CHANGED Viewed

@@ -9,6 +9,8 @@ import { cpscGetRecent } from './mcp-server/tools/definitions/cpsc-get-recent.to
 import { cpscSearchRecalls } from './mcp-server/tools/definitions/cpsc-search-recalls.tool.js';
 import { initCpscRecallService } from './services/cpsc-recall/cpsc-recall-service.js';
 await createApp({
+    name: 'cpsc-recalls-mcp-server',
+    title: 'cpsc-recalls-mcp-server',
     tools: [cpscSearchRecalls, cpscGetRecall, cpscGetRecent],
     resources: [],
     prompts: [],

package/dist/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AACA;;;GAGG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,wDAAwD,CAAC;AACvF,OAAO,EAAE,aAAa,EAAE,MAAM,wDAAwD,CAAC;AACvF,OAAO,EAAE,iBAAiB,EAAE,MAAM,4DAA4D,CAAC;AAC/F,OAAO,EAAE,qBAAqB,EAAE,MAAM,+CAA+C,CAAC;AAEtF,MAAM,SAAS,CAAC;IACd,KAAK,EAAE,CAAC,iBAAiB,EAAE,aAAa,EAAE,aAAa,CAAC;IACxD,SAAS,EAAE,EAAE;IACb,OAAO,EAAE,EAAE;IACX,YAAY,EACV,6DAA6D;QAC7D,8EAA8E;QAC9E,mEAAmE;QACnE,gDAAgD;QAChD,qJAAqJ;IACvJ,KAAK,CAAC,IAAI;QACR,KAAK,IAAI,CAAC;QACV,qBAAqB,EAAE,CAAC;IAC1B,CAAC;CACF,CAAC,CAAC"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AACA;;;GAGG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,wDAAwD,CAAC;AACvF,OAAO,EAAE,aAAa,EAAE,MAAM,wDAAwD,CAAC;AACvF,OAAO,EAAE,iBAAiB,EAAE,MAAM,4DAA4D,CAAC;AAC/F,OAAO,EAAE,qBAAqB,EAAE,MAAM,+CAA+C,CAAC;AAEtF,MAAM,SAAS,CAAC;IACd,IAAI,EAAE,yBAAyB;IAC/B,KAAK,EAAE,yBAAyB;IAChC,KAAK,EAAE,CAAC,iBAAiB,EAAE,aAAa,EAAE,aAAa,CAAC;IACxD,SAAS,EAAE,EAAE;IACb,OAAO,EAAE,EAAE;IACX,YAAY,EACV,6DAA6D;QAC7D,8EAA8E;QAC9E,mEAAmE;QACnE,gDAAgD;QAChD,qJAAqJ;IACvJ,KAAK,CAAC,IAAI;QACR,KAAK,IAAI,CAAC;QACV,qBAAqB,EAAE,CAAC;IAC1B,CAAC;CACF,CAAC,CAAC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@cyanheads/cpsc-recalls-mcp-server",
-  "version": "0.1.2",
+  "version": "0.1.4",
   "mcpName": "io.github.cyanheads/cpsc-recalls-mcp-server",
   "description": "MCP server for US consumer product recalls from the Consumer Product Safety Commission — hazards, remedies, and affected products.",
   "type": "module",
@@ -31,7 +31,7 @@
     "format:unsafe": "biome check --write --unsafe .",
     "lint:mcp": "bun run scripts/lint-mcp.ts",
     "lint:packaging": "bun run scripts/lint-packaging.ts",
-    "bundle": "bun run build && npx -y @anthropic-ai/mcpb pack . dist/cpsc-recalls-mcp-server.mcpb",
+    "bundle": "bun run build && npx -y @anthropic-ai/mcpb pack . dist/cpsc-recalls-mcp-server.mcpb && bun run scripts/clean-mcpb.ts dist/cpsc-recalls-mcp-server.mcpb",
     "changelog:build": "bun run scripts/build-changelog.ts",
     "changelog:check": "bun run scripts/build-changelog.ts --check",
     "release:github": "bun run scripts/release-github.ts",
@@ -85,17 +85,17 @@
     "access": "public"
   },
   "dependencies": {
-    "@cyanheads/mcp-ts-core": "^0.9.19",
+    "@cyanheads/mcp-ts-core": "^0.10.9",
     "pino-pretty": "^13.1.3",
     "zod": "^4.4.3"
   },
   "devDependencies": {
-    "@biomejs/biome": "^2.4.7",
-    "@types/node": "^25.6.0",
+    "@biomejs/biome": "^2.5.0",
+    "@types/node": "^26.0.0",
     "depcheck": "^1.4.7",
     "ignore": "^7.0.5",
-    "tsc-alias": "^1.8.16",
-    "typescript": "^5.9.3",
-    "vitest": "^4.1.8"
+    "tsc-alias": "^1.8.17",
+    "typescript": "^6.0.3",
+    "vitest": "^4.1.9"
   }
 }

package/server.json CHANGED Viewed

@@ -6,7 +6,7 @@
     "url": "https://github.com/cyanheads/cpsc-recalls-mcp-server",
     "source": "github"
   },
-  "version": "0.1.2",
+  "version": "0.1.4",
   "remotes": [
     {
       "type": "streamable-http",
@@ -19,7 +19,7 @@
       "registryBaseUrl": "https://registry.npmjs.org",
       "identifier": "@cyanheads/cpsc-recalls-mcp-server",
       "runtimeHint": "bun",
-      "version": "0.1.2",
+      "version": "0.1.4",
       "packageArguments": [
         {
           "type": "positional",
@@ -48,7 +48,7 @@
       "registryBaseUrl": "https://registry.npmjs.org",
       "identifier": "@cyanheads/cpsc-recalls-mcp-server",
       "runtimeHint": "bun",
-      "version": "0.1.2",
+      "version": "0.1.4",
       "packageArguments": [
         {
           "type": "positional",