@dypai-ai/mcp 1.2.0 → 1.2.2

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dypai-ai/mcp",
-  "version": "1.2.0",
+  "version": "1.2.2",
   "description": "DYPAI MCP Server — AI agent toolkit for building and deploying full-stack apps",
   "type": "module",
   "main": "src/index.js",

package/src/index.js

@@ -80,27 +80,16 @@ const LOCAL_TOOLS = [
 
 const localToolMap = new Map(LOCAL_TOOLS.map(t => [t.name, t]))
 
-// ── Remote tools (loaded from MCP server at startup) ────────────────────────
-
-// Fallback definitions in case remote MCP is unreachable
-const FALLBACK_REMOTE_TOOLS = [
-  { name: "list_projects", description: "List all your projects.", inputSchema: { type: "object", properties: {}, required: [] } },
-  { name: "get_project", description: "Get project details.", inputSchema: { type: "object", properties: { project_id: { type: "string" } }, required: ["project_id"] } },
-  { name: "create_project", description: "Create a new project (free plan).", inputSchema: { type: "object", properties: { name: { type: "string" } }, required: ["name"] } },
-  { name: "execute_sql", description: "Run SQL on the project's database.", inputSchema: { type: "object", properties: { project_id: { type: "string" }, sql: { type: "string" } }, required: ["sql"] } },
-  { name: "create_endpoint", description: "Create an API endpoint.", inputSchema: { type: "object", properties: { project_id: { type: "string" }, name: { type: "string" }, method: { type: "string" }, workflow_code: { type: "object" } }, required: ["name", "method", "workflow_code"] } },
-  { name: "update_endpoint", description: "Update an endpoint.", inputSchema: { type: "object", properties: { project_id: { type: "string" }, name: { type: "string" } }, required: ["name"] } },
-  { name: "delete_endpoint", description: "Delete an endpoint.", inputSchema: { type: "object", properties: { project_id: { type: "string" }, name: { type: "string" } }, required: ["name"] } },
-  { name: "manage_users", description: "Manage auth users.", inputSchema: { type: "object", properties: { project_id: { type: "string" }, operation: { type: "string" } }, required: ["operation"] } },
-  { name: "manage_roles", description: "Manage roles.", inputSchema: { type: "object", properties: { project_id: { type: "string" }, operation: { type: "string" } }, required: ["operation"] } },
-  { name: "list_buckets", description: "List storage buckets.", inputSchema: { type: "object", properties: { project_id: { type: "string" } }, required: [] } },
-  { name: "search_docs", description: "Search documentation.", inputSchema: { type: "object", properties: { query: { type: "string" } }, required: ["query"] } },
-  { name: "search_workflow_templates", description: "Search workflow templates.", inputSchema: { type: "object", properties: { query: { type: "string" } }, required: ["query"] } },
-  { name: "search_project_templates", description: "Search project starter templates.", inputSchema: { type: "object", properties: { query: { type: "string" } }, required: ["query"] } },
-  { name: "search_nodes", description: "Search workflow nodes.", inputSchema: { type: "object", properties: { query: { type: "string" } }, required: ["query"] } },
-]
-
-// Descriptions match the remote MCP server (dypai-mcp) exactly
+// ── Remote tools (proxied to the remote MCP server) ────────────────────────
+//
+// The catalog below is the authoritative agent-facing contract. It doesn't
+// auto-sync from the remote — we define it here so tool descriptions stay
+// stable across remote deploys and so the git-first flow is discoverable
+// even when the remote's own tool descriptions drift.
+//
+// If the remote is unreachable, tool CALLS will fail at invoke time (the
+// proxy surfaces the error); the tool LIST stays the same so the agent
+// still sees a coherent catalog.
 const REMOTE_TOOLS = [
   // ── Project ───────────────────────────────────────────────────────────────
   { name: "list_projects", description: "Lists all projects you have access to across your organizations. Returns project id, name, description, organization, subscription plan, and status. Use this as the first step to discover which projects are available, then pass project_id to other tools.", inputSchema: { type: "object", properties: { organization_id: { type: "string", description: "Optional. Filter projects by organization UUID." } }, required: [] } },

package/src/tools/scaffold.js

@@ -108,7 +108,19 @@ Or use "blank" for an empty starter project.`,
       template: template || "blank",
       engine_url: engineUrl,
       sdk_client: "src/lib/dypai.ts",
-      message: `Project created at ${directory} with ${created} files.${installed ? " Dependencies installed." : " Run 'npm install' to install dependencies."} SDK client ready at src/lib/dypai.ts — import { dypai } from './lib/dypai' to use.`,
+      // Critical: dypai_pull without an absolute out_dir can land in $HOME
+      // when the MCP process cwd isn't the workspace. Tell the agent exactly
+      // what to pass next so the backend materializes INSIDE this project.
+      next_step: {
+        action: "materialize_backend",
+        tool: "dypai_pull",
+        args: {
+          project_id,
+          out_dir: join(directory, "dypai"),
+        },
+        why: "Use the ABSOLUTE dypai/ path inside the project you just created. A relative './dypai' can resolve to the wrong folder (e.g. $HOME) when the MCP isn't running from your workspace.",
+      },
+      message: `Project created at ${directory} with ${created} files.${installed ? " Dependencies installed." : " Run 'npm install' to install dependencies."} SDK client ready at src/lib/dypai.ts — import { dypai } from './lib/dypai' to use. Next: call dypai_pull with out_dir="${join(directory, "dypai")}" to materialize the backend inside this project.`,
     }
   },
 }

package/src/tools/sync/path-resolver.js

@@ -0,0 +1,99 @@
+/**
+ * Workspace-aware path resolution for dypai/ folder.
+ *
+ * The MCP often runs from $HOME (default cwd when an IDE spawns it over stdio).
+ * A naive `resolvePath(cwd, "./dypai")` lands in `~/dypai/` — silently writing
+ * files where the user will never find them, OR silently reading from an empty
+ * folder so push reports "no_changes" and the agent thinks everything is fine.
+ *
+ * This helper centralizes the resolution + suspicious-path detection so pull
+ * AND push share the exact same logic. Hard-stop is the caller's responsibility.
+ */
+
+import { existsSync } from "fs"
+import { isAbsolute, dirname, join, resolve as resolvePath, sep, delimiter } from "path"
+import { homedir } from "os"
+
+/**
+ * Resolve a (possibly relative) dypai/ path. Walks several signals in order:
+ *   1. absolute → use as-is
+ *   2. env vars set by IDEs (CLAUDE_PROJECT_DIR, WORKSPACE_FOLDER_PATHS, etc.)
+ *   3. walk UP from cwd looking for project markers (.git, package.json, dypai/)
+ *   4. fall back to cwd (often $HOME — flagged as suspicious by the warning fn)
+ *
+ * Returns { path, source } so the caller can render a helpful trace.
+ */
+export function resolveOutDir(outDir) {
+  if (isAbsolute(outDir)) return { path: outDir, source: "absolute" }
+
+  const envCandidates = [
+    ["CLAUDE_PROJECT_DIR", process.env.CLAUDE_PROJECT_DIR],
+    ["DYPAI_WORKSPACE_ROOT", process.env.DYPAI_WORKSPACE_ROOT],
+    ["WORKSPACE_FOLDER_PATHS", process.env.WORKSPACE_FOLDER_PATHS?.split(delimiter)[0]],
+    ["PROJECT_ROOT", process.env.PROJECT_ROOT],
+  ]
+  for (const [name, val] of envCandidates) {
+    if (val && isAbsolute(val)) return { path: resolvePath(val, outDir), source: `env:${name}` }
+  }
+
+  let cursor = process.cwd()
+  for (let i = 0; i < 6; i++) {
+    if (existsSync(join(cursor, ".git")) ||
+        existsSync(join(cursor, "package.json")) ||
+        existsSync(join(cursor, "dypai"))) {
+      return { path: resolvePath(cursor, outDir), source: "project_marker" }
+    }
+    const parent = dirname(cursor)
+    if (parent === cursor) break
+    cursor = parent
+  }
+
+  return { path: resolvePath(process.cwd(), outDir), source: "cwd_fallback" }
+}
+
+/**
+ * Return a warning string when the resolved path looks suspicious.
+ * Specifically: cwd_fallback that landed inside $HOME at depth ≤ 2.
+ * Returns null when the path looks fine.
+ */
+export function suspiciousPathWarning(resolvedPath, source) {
+  if (source === "absolute") return null
+  const home = homedir()
+  if (source === "cwd_fallback" && resolvedPath.startsWith(home + sep)) {
+    const rel = resolvedPath.slice(home.length + 1)
+    if (!rel.includes(sep) || rel.split(sep).length <= 2) {
+      return (
+        `Output landed at ${resolvedPath}. The MCP process cwd is your home dir, not your project. ` +
+        `Re-run with an ABSOLUTE path (e.g. ${home}/path/to/your-project/dypai) ` +
+        `or set the CLAUDE_PROJECT_DIR env var on the MCP entry.`
+      )
+    }
+  }
+  return null
+}
+
+/**
+ * Convenience wrapper: resolve + suspicious check + structured error builder.
+ * Returns { ok: true, path, source } on success, or { ok: false, error } when
+ * the resolved path is suspicious. Pull/push pass the error response straight back.
+ */
+export function resolveAndGuard(outDir, { project_id, tool, arg_name = "out_dir" } = {}) {
+  const { path, source } = resolveOutDir(outDir)
+  const warning = suspiciousPathWarning(path, source)
+  if (!warning) return { ok: true, path, source }
+
+  return {
+    ok: false,
+    error: {
+      success: false,
+      error: "Resolved path looks wrong — aborting before reading/writing any files.",
+      resolved_to: path,
+      resolved_via: source,
+      explanation: warning,
+      fix:
+        `Call ${tool || "this tool"} again with an ABSOLUTE ${arg_name} pointing inside your project, e.g.\n` +
+        `  ${tool || "<tool>"}({ ${project_id ? `project_id: "${project_id}", ` : ""}${arg_name}: "/absolute/path/to/your-project/dypai" })\n` +
+        `If you just ran download_template, reuse the "directory" it returned and append "/dypai".`,
+    },
+  }
+}

package/src/tools/sync/push.js

@@ -358,6 +358,13 @@ export const dypaiPushTool = {
       errors.push({ op: "realtime", error: e.message })
     }
 
+    // Names of endpoints that actually changed this run — drives the follow-up
+    // suggestion so the agent knows what to test next.
+    const changedNames = [
+      ...applied.created,
+      ...applied.updated.map(u => u.name),
+    ]
+
     return {
       success: errors.length === 0,
       applied: true,
@@ -375,7 +382,7 @@ export const dypaiPushTool = {
       next_step: errors.length
         ? "Fix the offending YAMLs and push again."
         : changedNames.length
-          ? `Test changed endpoint(s) with test_workflow: ${changedNames.slice(0, 3).join(", ")}${changedNames.length > 3 ? "…" : ""}`
+          ? `Test changed endpoint(s) with dypai_test_endpoint: ${changedNames.slice(0, 3).join(", ")}${changedNames.length > 3 ? "…" : ""}`
           : undefined,
       hint: errors.some(e => /credential/i.test(e.error))
         ? "A referenced credential doesn't exist remotely. Create it in the dashboard (same name), then retry."