@cyanheads/git-mcp-server 2.4.9 → 2.5.1

package/dist/index.js

@@ -4261,7 +4261,7 @@ var package_default;
 var init_package = __esm(() => {
   package_default = {
     name: "@cyanheads/git-mcp-server",
-    version: "2.4.9",
+    version: "2.5.1",
     mcpName: "io.github.cyanheads/git-mcp-server",
     description: "A secure and scalable Git MCP server enabling AI agents to perform comprehensive Git version control operations via STDIO and Streamable HTTP.",
     main: "dist/index.js",
@@ -4327,33 +4327,12 @@ var init_package = __esm(() => {
       zod: "3.23.8",
       typescript: "5.9.3"
     },
-    dependencies: {
+    devDependencies: {
+      "@cloudflare/workers-types": "^4.20251011.0",
+      "@eslint/js": "^9.37.0",
       "@hono/mcp": "^0.1.4",
       "@hono/node-server": "^1.19.5",
       "@modelcontextprotocol/sdk": "^1.20.0",
-      "@supabase/supabase-js": "^2.75.0",
-      axios: "^1.12.2",
-      "chrono-node": "^2.9.0",
-      dotenv: "^17.2.3",
-      "fast-xml-parser": "^5.3.0",
-      hono: "^4.9.12",
-      ignore: "^7.0.5",
-      jose: "^6.1.0",
-      "js-yaml": "^4.1.0",
-      "node-cron": "^4.2.1",
-      openai: "^6.3.0",
-      papaparse: "^5.5.3",
-      "partial-json": "^0.1.7",
-      "pdf-lib": "^1.17.1",
-      pino: "^10.0.0",
-      "pino-pretty": "^13.1.2",
-      "reflect-metadata": "^0.2.2",
-      repomix: "^1.7.0",
-      "sanitize-html": "^2.17.0",
-      tslib: "^2.8.1",
-      tsyringe: "^4.10.0",
-      validator: "13.15.15",
-      zod: "^3.23.8",
       "@opentelemetry/api": "^1.9.0",
       "@opentelemetry/auto-instrumentations-node": "^0.65.0",
       "@opentelemetry/exporter-metrics-otlp-http": "^0.206.0",
@@ -4363,11 +4342,8 @@ var init_package = __esm(() => {
       "@opentelemetry/sdk-metrics": "^2.1.0",
       "@opentelemetry/sdk-node": "^0.206.0",
       "@opentelemetry/sdk-trace-node": "^2.1.0",
-      "@opentelemetry/semantic-conventions": "^1.37.0"
-    },
-    devDependencies: {
-      "@cloudflare/workers-types": "^4.20251011.0",
-      "@eslint/js": "^9.37.0",
+      "@opentelemetry/semantic-conventions": "^1.37.0",
+      "@supabase/supabase-js": "^2.75.0",
       "@types/bun": "^1.3.0",
       "@types/js-yaml": "^4.0.9",
       "@types/node": "^24.7.2",
@@ -4378,21 +4354,43 @@ var init_package = __esm(() => {
       "@vitest/coverage-v8": "3.2.4",
       ajv: "^8.17.1",
       "ajv-formats": "^3.0.1",
+      axios: "^1.12.2",
       "bun-types": "^1.3.0",
+      "chrono-node": "^2.9.0",
       clipboardy: "^5.0.0",
       depcheck: "^1.4.7",
+      dotenv: "^17.2.3",
       eslint: "^9.37.0",
       execa: "^9.6.0",
+      "fast-xml-parser": "^5.3.0",
       globals: "^16.4.0",
+      hono: "^4.9.12",
       husky: "^9.1.7",
+      ignore: "^7.0.5",
+      jose: "^6.1.0",
+      "js-yaml": "^4.1.0",
       msw: "^2.11.5",
+      "node-cron": "^4.2.1",
+      openai: "^6.3.0",
+      papaparse: "^5.5.3",
+      "partial-json": "^0.1.7",
+      "pdf-lib": "^1.17.1",
+      pino: "^10.0.0",
+      "pino-pretty": "^13.1.2",
       prettier: "^3.6.2",
+      "reflect-metadata": "^0.2.2",
+      repomix: "^1.7.0",
+      "sanitize-html": "^2.17.0",
+      tslib: "^2.8.1",
+      tsyringe: "^4.10.0",
       typedoc: "^0.28.14",
       typescript: "^5.9.3",
       "typescript-eslint": "8.46.0",
+      validator: "13.15.15",
       vite: "7.1.9",
       "vite-tsconfig-paths": "^5.1.4",
-      vitest: "^3.2.4"
+      vitest: "^3.2.4",
+      zod: "^3.23.8"
     },
     keywords: [
       "ai-agent",
@@ -151931,13 +151929,24 @@ function detectRuntime2() {
   }
   return "node";
 }
-async function spawnWithBun(args, cwd, env, timeout) {
+async function spawnWithBun(args, cwd, env, timeout, signal) {
   const bunApi = globalThis.Bun;
+  if (signal?.aborted) {
+    throw new Error(`Git command cancelled before execution: git ${args.join(" ")}`);
+  }
   const proc = bunApi.spawn(["git", ...args], {
     cwd,
     env,
     stdio: ["ignore", "pipe", "pipe"]
   });
+  const abortPromise = new Promise((_, reject) => {
+    if (signal) {
+      signal.addEventListener("abort", () => {
+        proc.kill();
+        reject(new Error(`Git command cancelled: git ${args.join(" ")}`));
+      }, { once: true });
+    }
+  });
   const timeoutPromise = new Promise((_, reject) => {
     const timeoutId = setTimeout(() => {
       proc.kill();
@@ -151945,7 +151954,11 @@ async function spawnWithBun(args, cwd, env, timeout) {
     }, timeout);
     proc.exited.finally(() => clearTimeout(timeoutId));
   });
-  const exitCode = await Promise.race([proc.exited, timeoutPromise]);
+  const exitCode = await Promise.race([
+    proc.exited,
+    timeoutPromise,
+    ...signal ? [abortPromise] : []
+  ]);
   const [stdout, stderr] = await Promise.all([
     proc.stdout.text(),
     proc.stderr.text()
@@ -151958,8 +151971,12 @@ Stdout: ${stdout}`;
   }
   return { stdout, stderr };
 }
-async function spawnWithNode(args, cwd, env, timeout) {
+async function spawnWithNode(args, cwd, env, timeout, signal) {
   return new Promise((resolve, reject) => {
+    if (signal?.aborted) {
+      reject(new Error(`Git command cancelled before execution: ${args.join(" ")}`));
+      return;
+    }
     const proc = spawn("git", args, {
       cwd,
       env,
@@ -151973,16 +151990,29 @@ async function spawnWithNode(args, cwd, env, timeout) {
     proc.stderr.on("data", (chunk) => {
       stderrChunks.push(chunk);
     });
+    const abortHandler = () => {
+      proc.kill("SIGTERM");
+      reject(new Error(`Git command cancelled: ${args.join(" ")}`));
+    };
+    if (signal) {
+      signal.addEventListener("abort", abortHandler, { once: true });
+    }
     const timeoutHandle = setTimeout(() => {
       proc.kill("SIGTERM");
       reject(new Error(`Git command timed out after ${timeout / 1000}s: ${args.join(" ")}`));
     }, timeout);
     proc.on("error", (error) => {
       clearTimeout(timeoutHandle);
+      if (signal) {
+        signal.removeEventListener("abort", abortHandler);
+      }
       reject(error);
     });
     proc.on("close", (exitCode) => {
       clearTimeout(timeoutHandle);
+      if (signal) {
+        signal.removeEventListener("abort", abortHandler);
+      }
       const stdout = Buffer.concat(stdoutChunks).toString("utf-8");
       const stderr = Buffer.concat(stderrChunks).toString("utf-8");
       if (exitCode !== 0) {
@@ -151996,12 +152026,12 @@ Stdout: ${stdout}`;
     });
   });
 }
-async function spawnGitCommand(args, cwd, env, timeout = 60000) {
+async function spawnGitCommand(args, cwd, env, timeout = 60000, signal) {
   const runtime2 = detectRuntime2();
   if (runtime2 === "bun") {
-    return spawnWithBun(args, cwd, env, timeout);
+    return spawnWithBun(args, cwd, env, timeout, signal);
   } else {
-    return spawnWithNode(args, cwd, env, timeout);
+    return spawnWithNode(args, cwd, env, timeout, signal);
   }
 }
 
@@ -172126,6 +172156,163 @@ var httpErrorHandler = async (err, c) => {
   return c.json(errorResponse);
 };
 
+// src/mcp-server/transports/http/sessionManager.ts
+init_utils();
+
+class SessionManager {
+  static instance = null;
+  sessions = new Map;
+  cleanupIntervalId = null;
+  staleTimeoutMs;
+  cleanupIntervalMs;
+  constructor(staleTimeoutMs = 30 * 60 * 1000, cleanupIntervalMs = 5 * 60 * 1000) {
+    this.staleTimeoutMs = staleTimeoutMs;
+    this.cleanupIntervalMs = cleanupIntervalMs;
+    this.startCleanupInterval();
+  }
+  static getInstance(staleTimeoutMs, cleanupIntervalMs) {
+    if (!SessionManager.instance) {
+      SessionManager.instance = new SessionManager(staleTimeoutMs, cleanupIntervalMs);
+    }
+    return SessionManager.instance;
+  }
+  static resetInstance() {
+    if (SessionManager.instance) {
+      SessionManager.instance.stopCleanupInterval();
+      SessionManager.instance = null;
+    }
+  }
+  createSession(sessionId, clientId, tenantId) {
+    const now2 = Date.now();
+    const metadata = {
+      sessionId,
+      createdAt: now2,
+      lastActivityAt: now2,
+      ...clientId !== undefined && { clientId },
+      ...tenantId !== undefined && { tenantId }
+    };
+    this.sessions.set(sessionId, metadata);
+    logger.debug("Created new MCP session", {
+      ...requestContextService.createRequestContext({
+        operation: "SessionManager.createSession"
+      }),
+      sessionId,
+      ...clientId !== undefined && { clientId },
+      ...tenantId !== undefined && { tenantId },
+      totalSessions: this.sessions.size
+    });
+    return sessionId;
+  }
+  isSessionValid(sessionId) {
+    const session = this.sessions.get(sessionId);
+    if (!session) {
+      return false;
+    }
+    const now2 = Date.now();
+    const age = now2 - session.lastActivityAt;
+    if (age > this.staleTimeoutMs) {
+      logger.info("Session expired due to inactivity", {
+        ...requestContextService.createRequestContext({
+          operation: "SessionManager.isSessionValid"
+        }),
+        sessionId,
+        ageMs: age,
+        staleTimeoutMs: this.staleTimeoutMs
+      });
+      this.sessions.delete(sessionId);
+      return false;
+    }
+    return true;
+  }
+  touchSession(sessionId) {
+    const session = this.sessions.get(sessionId);
+    if (session) {
+      session.lastActivityAt = Date.now();
+    }
+  }
+  terminateSession(sessionId) {
+    const existed = this.sessions.has(sessionId);
+    this.sessions.delete(sessionId);
+    if (existed) {
+      logger.info("Session explicitly terminated", {
+        ...requestContextService.createRequestContext({
+          operation: "SessionManager.terminateSession"
+        }),
+        sessionId,
+        remainingSessions: this.sessions.size
+      });
+    }
+    return existed;
+  }
+  getSessionMetadata(sessionId) {
+    if (!this.isSessionValid(sessionId)) {
+      return null;
+    }
+    return this.sessions.get(sessionId) ?? null;
+  }
+  getActiveSessionCount() {
+    return this.sessions.size;
+  }
+  startCleanupInterval() {
+    if (this.cleanupIntervalId) {
+      return;
+    }
+    this.cleanupIntervalId = setInterval(() => {
+      this.cleanupStaleSessions();
+    }, this.cleanupIntervalMs);
+    logger.info("Session cleanup interval started", {
+      ...requestContextService.createRequestContext({
+        operation: "SessionManager.startCleanupInterval"
+      }),
+      cleanupIntervalMs: this.cleanupIntervalMs,
+      staleTimeoutMs: this.staleTimeoutMs
+    });
+  }
+  stopCleanupInterval() {
+    if (this.cleanupIntervalId) {
+      clearInterval(this.cleanupIntervalId);
+      this.cleanupIntervalId = null;
+      logger.info("Session cleanup interval stopped", {
+        ...requestContextService.createRequestContext({
+          operation: "SessionManager.stopCleanupInterval"
+        })
+      });
+    }
+  }
+  cleanupStaleSessions() {
+    const now2 = Date.now();
+    const sessionsBefore = this.sessions.size;
+    let removedCount = 0;
+    for (const [sessionId, metadata] of this.sessions.entries()) {
+      const age = now2 - metadata.lastActivityAt;
+      if (age > this.staleTimeoutMs) {
+        this.sessions.delete(sessionId);
+        removedCount++;
+      }
+    }
+    if (removedCount > 0) {
+      logger.notice("Cleaned up stale sessions", {
+        ...requestContextService.createRequestContext({
+          operation: "SessionManager.cleanupStaleSessions"
+        }),
+        removedCount,
+        sessionsBefore,
+        sessionsAfter: this.sessions.size
+      });
+    }
+  }
+  clearAllSessions() {
+    const count = this.sessions.size;
+    this.sessions.clear();
+    logger.warning("All sessions cleared", {
+      ...requestContextService.createRequestContext({
+        operation: "SessionManager.clearAllSessions"
+      }),
+      clearedCount: count
+    });
+  }
+}
+
 // src/mcp-server/transports/http/httpTransport.ts
 init_utils();
 
@@ -172142,6 +172329,11 @@ function createHttpApp(mcpServer, parentContext) {
     ...parentContext,
     component: "HttpTransportSetup"
   };
+  const sessionManager = SessionManager.getInstance(config.mcpStatefulSessionStaleTimeoutMs);
+  logger.info("Session manager initialized", {
+    ...transportContext,
+    staleTimeoutMs: config.mcpStatefulSessionStaleTimeoutMs
+  });
   const allowedOrigin = Array.isArray(config.mcpAllowedOrigins) && config.mcpAllowedOrigins.length > 0 ? config.mcpAllowedOrigins : "*";
   app.use("*", cors({
     origin: allowedOrigin,
@@ -172190,6 +172382,35 @@ function createHttpApp(mcpServer, parentContext) {
   } else {
     logger.info("Authentication is disabled; MCP endpoint is unprotected.", transportContext);
   }
+  app.delete(config.mcpHttpEndpointPath, (c) => {
+    const sessionId = c.req.header("mcp-session-id");
+    if (!sessionId) {
+      return c.json({
+        jsonrpc: "2.0",
+        error: {
+          code: -32600,
+          message: "Mcp-Session-Id header required for DELETE"
+        },
+        id: null
+      }, 400);
+    }
+    const terminated = sessionManager.terminateSession(sessionId);
+    if (!terminated) {
+      return c.json({
+        jsonrpc: "2.0",
+        error: {
+          code: -32001,
+          message: "Session not found or already expired"
+        },
+        id: null
+      }, 404);
+    }
+    logger.info("Session terminated via DELETE", {
+      ...transportContext,
+      sessionId
+    });
+    return c.body(null, 204);
+  });
   app.all(config.mcpHttpEndpointPath, async (c) => {
     const protocolVersion = c.req.header("mcp-protocol-version") ?? "2025-03-26";
     logger.debug("Handling MCP request.", {
@@ -172205,12 +172426,50 @@ function createHttpApp(mcpServer, parentContext) {
         protocolVersion,
         supportedVersions
       });
+      return c.json({
+        jsonrpc: "2.0",
+        error: {
+          code: -32600,
+          message: `Unsupported MCP protocol version: ${protocolVersion}`,
+          data: {
+            requested: protocolVersion,
+            supported: supportedVersions
+          }
+        },
+        id: null
+      }, 400);
     }
     const sessionId = c.req.header("mcp-session-id") ?? randomUUID();
+    if (c.req.header("mcp-session-id") && !sessionManager.isSessionValid(sessionId)) {
+      logger.warning("Invalid or expired session ID", {
+        ...transportContext,
+        sessionId
+      });
+      return c.json({
+        jsonrpc: "2.0",
+        error: {
+          code: -32001,
+          message: "Session expired or invalid. Please reinitialize."
+        },
+        id: null
+      }, 404);
+    }
+    if (!c.req.header("mcp-session-id")) {
+      logger.debug("New session will be created", {
+        ...transportContext,
+        sessionId
+      });
+    } else {
+      sessionManager.touchSession(sessionId);
+    }
     const transport = new McpSessionTransport(sessionId);
     const handleRpc = async () => {
       await mcpServer.connect(transport);
       const response = await transport.handleRequest(c);
+      if (response && !c.req.header("mcp-session-id")) {
+        const store = authContext.getStore();
+        sessionManager.createSession(sessionId, store?.authInfo.clientId, store?.authInfo.tenantId);
+      }
       if (response) {
         return response;
       }
@@ -172306,6 +172565,9 @@ async function stopHttpTransport(server, parentContext) {
     transportType: "Http"
   };
   logger.info("Attempting to stop http transport...", operationContext);
+  const sessionManager = SessionManager.getInstance();
+  sessionManager.stopCleanupInterval();
+  logger.info("Session cleanup interval stopped", operationContext);
   return new Promise((resolve, reject) => {
     server.close((err) => {
       if (err) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@cyanheads/git-mcp-server",
-  "version": "2.4.9",
+  "version": "2.5.1",
   "mcpName": "io.github.cyanheads/git-mcp-server",
   "description": "A secure and scalable Git MCP server enabling AI agents to perform comprehensive Git version control operations via STDIO and Streamable HTTP.",
   "main": "dist/index.js",
@@ -66,33 +66,12 @@
     "zod": "3.23.8",
     "typescript": "5.9.3"
   },
-  "dependencies": {
+  "devDependencies": {
+    "@cloudflare/workers-types": "^4.20251011.0",
+    "@eslint/js": "^9.37.0",
     "@hono/mcp": "^0.1.4",
     "@hono/node-server": "^1.19.5",
     "@modelcontextprotocol/sdk": "^1.20.0",
-    "@supabase/supabase-js": "^2.75.0",
-    "axios": "^1.12.2",
-    "chrono-node": "^2.9.0",
-    "dotenv": "^17.2.3",
-    "fast-xml-parser": "^5.3.0",
-    "hono": "^4.9.12",
-    "ignore": "^7.0.5",
-    "jose": "^6.1.0",
-    "js-yaml": "^4.1.0",
-    "node-cron": "^4.2.1",
-    "openai": "^6.3.0",
-    "papaparse": "^5.5.3",
-    "partial-json": "^0.1.7",
-    "pdf-lib": "^1.17.1",
-    "pino": "^10.0.0",
-    "pino-pretty": "^13.1.2",
-    "reflect-metadata": "^0.2.2",
-    "repomix": "^1.7.0",
-    "sanitize-html": "^2.17.0",
-    "tslib": "^2.8.1",
-    "tsyringe": "^4.10.0",
-    "validator": "13.15.15",
-    "zod": "^3.23.8",
     "@opentelemetry/api": "^1.9.0",
     "@opentelemetry/auto-instrumentations-node": "^0.65.0",
     "@opentelemetry/exporter-metrics-otlp-http": "^0.206.0",
@@ -102,11 +81,8 @@
     "@opentelemetry/sdk-metrics": "^2.1.0",
     "@opentelemetry/sdk-node": "^0.206.0",
     "@opentelemetry/sdk-trace-node": "^2.1.0",
-    "@opentelemetry/semantic-conventions": "^1.37.0"
-  },
-  "devDependencies": {
-    "@cloudflare/workers-types": "^4.20251011.0",
-    "@eslint/js": "^9.37.0",
+    "@opentelemetry/semantic-conventions": "^1.37.0",
+    "@supabase/supabase-js": "^2.75.0",
     "@types/bun": "^1.3.0",
     "@types/js-yaml": "^4.0.9",
     "@types/node": "^24.7.2",
@@ -117,21 +93,43 @@
     "@vitest/coverage-v8": "3.2.4",
     "ajv": "^8.17.1",
     "ajv-formats": "^3.0.1",
+    "axios": "^1.12.2",
     "bun-types": "^1.3.0",
+    "chrono-node": "^2.9.0",
     "clipboardy": "^5.0.0",
     "depcheck": "^1.4.7",
+    "dotenv": "^17.2.3",
     "eslint": "^9.37.0",
     "execa": "^9.6.0",
+    "fast-xml-parser": "^5.3.0",
     "globals": "^16.4.0",
+    "hono": "^4.9.12",
     "husky": "^9.1.7",
+    "ignore": "^7.0.5",
+    "jose": "^6.1.0",
+    "js-yaml": "^4.1.0",
     "msw": "^2.11.5",
+    "node-cron": "^4.2.1",
+    "openai": "^6.3.0",
+    "papaparse": "^5.5.3",
+    "partial-json": "^0.1.7",
+    "pdf-lib": "^1.17.1",
+    "pino": "^10.0.0",
+    "pino-pretty": "^13.1.2",
     "prettier": "^3.6.2",
+    "reflect-metadata": "^0.2.2",
+    "repomix": "^1.7.0",
+    "sanitize-html": "^2.17.0",
+    "tslib": "^2.8.1",
+    "tsyringe": "^4.10.0",
     "typedoc": "^0.28.14",
     "typescript": "^5.9.3",
     "typescript-eslint": "8.46.0",
+    "validator": "13.15.15",
     "vite": "7.1.9",
     "vite-tsconfig-paths": "^5.1.4",
-    "vitest": "^3.2.4"
+    "vitest": "^3.2.4",
+    "zod": "^3.23.8"
   },
   "keywords": [
     "ai-agent",