@dotsetlabs/bellwether 2.1.0 → 2.1.2

package/dist/transport/sse-transport.js

@@ -1,6 +1,7 @@
 import { BaseTransport } from './base-transport.js';
 import { TIME_CONSTANTS, TIMEOUTS } from '../constants.js';
 import { isLocalhost } from '../utils/index.js';
+import { ServerAuthError } from '../errors/types.js';
 /**
  * Validate that a URL uses HTTPS in production contexts.
  * Allows HTTP only for localhost/127.0.0.1 for local development.
@@ -161,6 +162,15 @@ export class SSETransport extends BaseTransport {
             signal: this.streamAbortController.signal,
         });
         if (!response.ok) {
+            if (response.status === 401) {
+                throw new ServerAuthError('Remote MCP SSE authentication failed (401 Unauthorized)', 401, 'Add server.headers.Authorization (for example: Bearer token) in bellwether.yaml or pass --header.');
+            }
+            if (response.status === 403) {
+                throw new ServerAuthError('Remote MCP SSE authorization failed (403 Forbidden)', 403, 'Credentials are recognized but lack required permissions. Verify token scopes/roles.');
+            }
+            if (response.status === 407) {
+                throw new ServerAuthError('Proxy authentication required (407)', 407, 'Configure proxy credentials and retry.');
+            }
             throw new Error(`Failed to connect to SSE endpoint: HTTP ${response.status}`);
         }
         if (!response.body) {
@@ -334,6 +344,15 @@ export class SSETransport extends BaseTransport {
             .then(async (response) => {
             clearTimeout(timeoutId);
             if (!response.ok) {
+                if (response.status === 401) {
+                    throw new ServerAuthError('Remote MCP message authentication failed (401 Unauthorized)', 401, 'Add server.headers.Authorization (for example: Bearer token) in bellwether.yaml or pass --header.');
+                }
+                if (response.status === 403) {
+                    throw new ServerAuthError('Remote MCP message authorization failed (403 Forbidden)', 403, 'Credentials are recognized but lack required permissions. Verify token scopes/roles.');
+                }
+                if (response.status === 407) {
+                    throw new ServerAuthError('Proxy authentication required (407)', 407, 'Configure proxy credentials and retry.');
+                }
                 const errorText = await response.text().catch(() => 'Unknown error');
                 throw new Error(`HTTP ${response.status}: ${errorText}`);
             }

package/dist/version.js

@@ -29,8 +29,8 @@ function getPackageVersion() {
         return packageJson.version;
     }
     catch {
-        // Fallback version - should match package.json
-        return '2.1.0';
+        // Final fallback to avoid hardcoded release drift.
+        return process.env.BELLWETHER_VERSION || '0.0.0';
     }
 }
 /**

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dotsetlabs/bellwether",
-  "version": "2.1.0",
+  "version": "2.1.2",
   "description": "The open-source MCP testing tool. Structural drift detection and behavioral documentation for Model Context Protocol servers.",
   "type": "module",
   "main": "dist/index.js",
@@ -23,7 +23,7 @@
   },
   "scripts": {
     "build": "tsc",
-    "postbuild": "chmod +x dist/cli/index.js",
+    "postbuild": "node ./scripts/postbuild.mjs",
     "dev": "tsc --watch",
     "test": "vitest run",
     "test:watch": "vitest",
@@ -32,12 +32,11 @@
     "lint:fix": "eslint src --ext .ts --fix",
     "format": "prettier --write \"src/**/*.ts\"",
     "format:check": "prettier --check \"src/**/*.ts\"",
+    "check:consistency": "node ./scripts/validate-consistency.mjs",
     "clean": "rm -rf dist",
     "docs:generate": "npm --prefix website run build",
     "docs:dev": "npm --prefix website run start",
-    "man:generate": "./scripts/generate-manpage.sh",
-    "prepare": "husky install || true",
-    "prepublishOnly": "npm run build && npm run man:generate"
+    "prepublishOnly": "npm run build"
   },
   "keywords": [
     "mcp",
@@ -74,7 +73,7 @@
     "node": ">=20.0.0"
   },
   "dependencies": {
-    "@anthropic-ai/sdk": "^0.72.1",
+    "@anthropic-ai/sdk": "^0.74.0",
     "ajv": "^8.17.1",
     "chalk": "^5.4.1",
     "cli-progress": "^3.12.0",
@@ -97,25 +96,16 @@
     "@typescript-eslint/parser": "^6.21.0",
     "@vitest/coverage-v8": "^4.0.18",
     "eslint": "^8.57.1",
-    "husky": "^9.1.0",
-    "lint-staged": "^16.2.7",
     "prettier": "^3.3.0",
     "tsx": "^4.21.0",
     "typescript": "^5.3.0",
     "vitest": "^4.0.17"
   },
-  "lint-staged": {
-    "*.ts": [
-      "eslint --fix",
-      "prettier --write"
-    ]
-  },
   "files": [
     "dist",
     "!dist/**/*.map",
     "schemas",
     "scripts/completions",
-    "man",
     "README.md",
     "LICENSE",
     "CHANGELOG.md",

package/man/bellwether.1

@@ -1,204 +0,0 @@
-.TH "BELLWETHER" "1" "2026\-02\-11" "Bellwether 2.1.0" "User Commands"
-.SH NAME
-.PP
-bellwether \[em] MCP server testing and validation tool
-.SH SYNOPSIS
-.PP
-\f[B]bellwether\f[] [OPTIONS] COMMAND [ARGS...]
-.PP
-\f[B]bellwether\f[] \f[B]\-\-version\f[]
-.PP
-\f[B]bellwether\f[] \f[B]\-\-help\f[]
-.SH DESCRIPTION
-.PP
-Bellwether is an open\-source MCP (Model Context Protocol) testing tool
-that provides structural drift detection and behavioral documentation
-for MCP servers.
-.SH COMMANDS
-.TP
-.B \f[B]check\f[] [\f[I]options\f[]] [server\-command]
-Schema validation and drift detection (free, fast, deterministic)
-.RS
-.RE
-.TP
-.B \f[B]explore\f[] [\f[I]options\f[]] [server\-command]
-LLM\-powered behavioral exploration and documentation
-.RS
-.RE
-.TP
-.B \f[B]discover\f[] [\f[I]options\f[]] [server\-command]
-Discover MCP server capabilities (tools, prompts, resources)
-.RS
-.RE
-.TP
-.B \f[B]watch\f[] [\f[I]options\f[]]
-Watch for MCP server changes and auto\-check
-.RS
-.RE
-.TP
-.B \f[B]init\f[] [\f[I]options\f[]] [server\-command]
-Initialize a bellwether.yaml configuration file
-.RS
-.RE
-.TP
-.B \f[B]auth\f[] \f[I]subcommand\f[] [\f[I]options\f[]]
-Manage LLM provider API keys
-.RS
-.RE
-.TP
-.B \f[B]baseline\f[] \f[I]subcommand\f[] [\f[I]options\f[]]
-Manage baselines for drift detection
-.RS
-.RE
-.TP
-.B \f[B]golden\f[] \f[I]subcommand\f[] [\f[I]options\f[]]
-Manage golden outputs for validation
-.RS
-.RE
-.TP
-.B \f[B]registry\f[] [\f[I]options\f[]] \f[I]search\f[]
-Search the MCP Registry for servers
-.RS
-.RE
-.TP
-.B \f[B]contract\f[] \f[I]subcommand\f[] [\f[I]options\f[]]
-Validate MCP servers against contracts
-.RS
-.RE
-.TP
-.B \f[B]validate\-config\f[] [\f[I]options\f[]]
-Validate bellwether.yaml configuration
-.RS
-.RE
-.SH GLOBAL OPTIONS
-.TP
-.B \f[B]\-h\f[], \f[B]\-\-help\f[]
-Show help message and exit
-.RS
-.RE
-.TP
-.B \f[B]\-\-version\f[]
-Show version information and exit
-.RS
-.RE
-.TP
-.B \f[B]\-\-log\-level\f[] \f[I]LEVEL\f[]
-Set log level: debug, info, warn, error, silent
-.RS
-.RE
-.TP
-.B \f[B]\-\-log\-file\f[] \f[I]PATH\f[]
-Write logs to file instead of stderr
-.RS
-.RE
-.SH EXAMPLES
-.PP
-Initialize configuration:
-.IP
-.nf
-\f[C]
-bellwether\ init\ npx\ \@modelcontextprotocol/server\-filesystem
-\f[]
-.fi
-.PP
-Run drift detection:
-.IP
-.nf
-\f[C]
-bellwether\ check
-\f[]
-.fi
-.PP
-Save baseline:
-.IP
-.nf
-\f[C]
-bellwether\ baseline\ save
-\f[]
-.fi
-.PP
-Explore with LLM:
-.IP
-.nf
-\f[C]
-bellwether\ explore
-\f[]
-.fi
-.SH FILES
-.TP
-.B \f[I]bellwether.yaml\f[]
-Configuration file for the project
-.RS
-.RE
-.TP
-.B \f[I]bellwether\-baseline.json\f[]
-Saved baseline for drift detection
-.RS
-.RE
-.TP
-.B \f[I]CONTRACT.md\f[]
-Generated contract documentation
-.RS
-.RE
-.TP
-.B \f[I]AGENTS.md\f[]
-Generated behavioral documentation
-.RS
-.RE
-.SH ENVIRONMENT
-.TP
-.B \f[I]OPENAI_API_KEY\f[]
-API key for OpenAI (explore mode only)
-.RS
-.RE
-.TP
-.B \f[I]ANTHROPIC_API_KEY\f[]
-API key for Anthropic (explore mode only)
-.RS
-.RE
-.TP
-.B \f[I]OLLAMA_BASE_URL\f[]
-Ollama URL (default: http://localhost:11434)
-.RS
-.RE
-.SH EXIT STATUS
-.TP
-.B \f[B]0\f[]
-Success, no changes detected
-.RS
-.RE
-.TP
-.B \f[B]1\f[]
-Info\-level changes only
-.RS
-.RE
-.TP
-.B \f[B]2\f[]
-Warning\-level changes
-.RS
-.RE
-.TP
-.B \f[B]3\f[]
-Breaking changes detected
-.RS
-.RE
-.TP
-.B \f[B]4\f[]
-Runtime error
-.RS
-.RE
-.TP
-.B \f[B]5\f[]
-Low confidence metrics
-.RS
-.RE
-.SH SEE ALSO
-.PP
-Project homepage: <https://github.com/dotsetlabs/bellwether>
-.PP
-Documentation: <https://docs.bellwether.sh>
-.PP
-MCP Specification: <https://modelcontextprotocol.io>
-.SH AUTHORS
-.PP
-Dotset Labs LLC <hello@dotsetlabs.com>

package/man/bellwether.1.md

@@ -1,148 +0,0 @@
----
-title: BELLWETHER
-section: 1
-header: User Commands
-footer: Bellwether 2.1.0
-date: 2026-02-11
----
-
-# NAME
-
-bellwether — MCP server testing and validation tool
-
-# SYNOPSIS
-
-**bellwether** [OPTIONS] COMMAND [ARGS...]
-
-**bellwether** **--version**
-
-**bellwether** **--help**
-
-# DESCRIPTION
-
-Bellwether is an open-source MCP (Model Context Protocol) testing tool that provides
-structural drift detection and behavioral documentation for MCP servers.
-
-# COMMANDS
-
-**check** [*options*] [server-command]
-:   Schema validation and drift detection (free, fast, deterministic)
-
-**explore** [*options*] [server-command]
-:   LLM-powered behavioral exploration and documentation
-
-**discover** [*options*] [server-command]
-:   Discover MCP server capabilities (tools, prompts, resources)
-
-**watch** [*options*]
-:   Watch for MCP server changes and auto-check
-
-**init** [*options*] [server-command]
-:   Initialize a bellwether.yaml configuration file
-
-**auth** *subcommand* [*options*]
-:   Manage LLM provider API keys
-
-**baseline** *subcommand* [*options*]
-:   Manage baselines for drift detection
-
-**golden** *subcommand* [*options*]
-:   Manage golden outputs for validation
-
-**registry** [*options*] *search*
-:   Search the MCP Registry for servers
-
-**contract** *subcommand* [*options*]
-:   Validate MCP servers against contracts
-
-**validate-config** [*options*]
-:   Validate bellwether.yaml configuration
-
-# GLOBAL OPTIONS
-
-**-h**, **--help**
-:   Show help message and exit
-
-**--version**
-:   Show version information and exit
-
-**--log-level** *LEVEL*
-:   Set log level: debug, info, warn, error, silent
-
-**--log-file** *PATH*
-:   Write logs to file instead of stderr
-
-# EXAMPLES
-
-Initialize configuration:
-
-    bellwether init npx @modelcontextprotocol/server-filesystem
-
-Run drift detection:
-
-    bellwether check
-
-Save baseline:
-
-    bellwether baseline save
-
-Explore with LLM:
-
-    bellwether explore
-
-# FILES
-
-*bellwether.yaml*
-:   Configuration file for the project
-
-*bellwether-baseline.json*
-:   Saved baseline for drift detection
-
-*CONTRACT.md*
-:   Generated contract documentation
-
-*AGENTS.md*
-:   Generated behavioral documentation
-
-# ENVIRONMENT
-
-*OPENAI_API_KEY*
-:   API key for OpenAI (explore mode only)
-
-*ANTHROPIC_API_KEY*
-:   API key for Anthropic (explore mode only)
-
-*OLLAMA_BASE_URL*
-:   Ollama URL (default: http://localhost:11434)
-
-# EXIT STATUS
-
-**0**
-:   Success, no changes detected
-
-**1**
-:   Info-level changes only
-
-**2**
-:   Warning-level changes
-
-**3**
-:   Breaking changes detected
-
-**4**
-:   Runtime error
-
-**5**
-:   Low confidence metrics
-
-# SEE ALSO
-
-Project homepage: <https://github.com/dotsetlabs/bellwether>
-
-Documentation: <https://docs.bellwether.sh>
-
-MCP Specification: <https://modelcontextprotocol.io>
-
-# AUTHORS
-
-Dotset Labs LLC <hello@dotsetlabs.com>