@ekho/gitlab-mcp 1.1.0

package/README.md

@@ -0,0 +1,429 @@
+# gitlab-mcp
+
+Model Context Protocol server for GitLab. Speaks both REST and GraphQL — picks the better transport per operation. Targets **gitlab.com** primarily, with best-effort support for self-managed instances.
+
+Status: **v1.1.0** — all 10 phases shipped plus multipart upload (wiki attachments) and binary transfers (job artifacts, generic package files). Groups B, C, A, D, F, E, G, H, J, I — full coverage of the planned roadmap. See [`PLAN.md`](PLAN.md) for details on each phase.
+
+## Install
+
+From npm:
+
+```bash
+npm install -g @ekho/gitlab-mcp
+# or as a local dep
+npm install @ekho/gitlab-mcp
+```
+
+From source:
+
+```bash
+git clone https://gitlab.com/ekho_0/gitlab-mcp.git
+cd gitlab-mcp
+npm install
+npm run build
+```
+
+## Configuration
+
+The server reads environment variables:
+
+| Variable | Required | Default | Notes |
+|---|---|---|---|
+| `GITLAB_TOKEN` | yes | — | PAT, OAuth access token, project/group access token, or CI job token |
+| `GITLAB_TOKEN_TYPE` | no | `pat` | `pat` \| `oauth` \| `job` — controls auth header |
+| `GITLAB_BASE_URL` | no | `https://gitlab.com` | Override for self-managed |
+| `GITLAB_DEFAULT_PROJECT` | no | — | Numeric id or full path (`group/sub/project`). Used when a tool's `project_id` arg is omitted. |
+| `GITLAB_DEFAULT_GROUP` | no | — | Numeric id or full path |
+| `GITLAB_REQUEST_TIMEOUT_MS` | no | `30000` | Per-request timeout |
+| `GITLAB_MAX_RETRIES` | no | `3` | Retries on 429 and 5xx with exponential backoff |
+| `GITLAB_USER_AGENT` | no | `gitlab-mcp/<ver>` | Sent as `User-Agent` |
+
+### Required token scopes (PAT)
+
+- `api` — full read/write. Required for the write-heavy tools planned for Phase 1+.
+- `read_api` — read-only mode if you only need listing/inspection tools.
+
+## Wire into an MCP client
+
+For a stdio-based MCP client (e.g. Claude Code):
+
+```json
+{
+  "mcpServers": {
+    "gitlab": {
+      "command": "node",
+      "args": ["/absolute/path/to/gitlab-mcp/dist/index.js"],
+      "env": {
+        "GITLAB_TOKEN": "glpat-...",
+        "GITLAB_DEFAULT_PROJECT": "your-group/your-project"
+      }
+    }
+  }
+}
+```
+
+## Currently shipped tools
+
+### Smoke
+- `metadata_get`, `user_current`
+
+### Merge Requests (B1)
+- `merge_request_list`, `merge_request_get`, `merge_request_create`, `merge_request_update`
+- `merge_request_merge`, `merge_request_rebase`, `merge_request_close`, `merge_request_reopen`
+- `merge_request_changes`, `merge_request_commits`, `merge_request_pipelines`, `merge_request_participants`
+
+### Approvals (B2)
+- `merge_request_approve`, `merge_request_unapprove`, `merge_request_approval_state`
+- `approval_rule_list`, `approval_rule_create`, `approval_rule_update`, `approval_rule_delete`
+
+### Discussions & Notes (B3)
+- `discussion_list`, `discussion_create`, `discussion_reply`, `discussion_resolve`
+- `note_update`, `note_delete`, `suggestion_create`
+
+### Work Items (B4, B5) — via GraphQL
+- `work_item_list`, `work_item_get`, `work_item_types_list`
+- `work_item_create`, `work_item_update`, `work_item_delete`
+
+Epics are work items with `type=Epic`. Hierarchy (`parent_id`) sets the parent relationship.
+
+### Labels (B6)
+- `label_list_project`, `label_list_group`
+- `label_create`, `label_update`, `label_delete`
+- `label_subscribe`, `label_unsubscribe`
+
+### Milestones & Iterations (B7)
+- `milestone_list_project`, `milestone_list_group`, `milestone_get`
+- `milestone_create`, `milestone_update`, `milestone_close`, `milestone_delete`
+- `iteration_list_group`
+
+### Boards (B8) — read-only
+- `board_list_project`, `board_list_group`, `board_get`, `board_list_lists`
+
+### Todos & Notifications (B9)
+- `todo_list`, `todo_mark_done`, `todo_mark_all_done`
+- `notification_settings_get`, `notification_settings_update`
+
+### Pipelines (C1)
+- `pipeline_list`, `pipeline_get`, `pipeline_latest`
+- `pipeline_create`, `pipeline_retry`, `pipeline_cancel`, `pipeline_delete`
+- `pipeline_variables`, `pipeline_test_report`, `pipeline_test_report_summary`
+
+### Jobs (C2)
+- `job_list_pipeline`, `job_list_project`, `job_get`
+- `job_log` (with optional `tail_kb`), `job_retry`, `job_cancel`, `job_play`, `job_erase`
+- `job_artifacts_keep`, `job_artifacts_delete`
+- `job_artifacts_download` (full ZIP), `job_artifact_file_download` (single file)
+- `job_artifacts_download_by_ref`, `job_artifact_file_download_by_ref`
+- All `*_download*` accept `save_to` (write to file) or return base64 (capped by `max_inline_bytes`)
+
+### Pipeline Schedules (C3)
+- `schedule_list`, `schedule_get`, `schedule_create`, `schedule_update`, `schedule_delete`
+- `schedule_play`, `schedule_take_ownership`
+- `schedule_variable_create`, `schedule_variable_update`, `schedule_variable_delete`
+
+### Pipeline Triggers (C4)
+- `trigger_list`, `trigger_get`, `trigger_create`, `trigger_update`, `trigger_delete`
+- `trigger_run_pipeline` (passes variables as `variables[KEY]=value`)
+
+### CI/CD Variables (C5)
+- `variable_list_project|group|instance`, `variable_get_*`
+- `variable_create_*`, `variable_update_*`, `variable_delete_*`
+- Project/group variants accept `filter_environment_scope` to disambiguate by env
+
+### Runners (C6)
+- `runner_list` (own), `runner_list_all` (admin), `runner_list_project`, `runner_list_group`
+- `runner_get`, `runner_update`, `runner_pause`, `runner_delete`, `runner_jobs`
+
+### CI Lint (C7)
+- `ci_lint` (instance), `ci_lint_project` (with include context, ref, dry_run, merged_yaml)
+
+### CI Catalog (C8) — GraphQL
+- `catalog_resource_list`, `catalog_resource_get`
+
+### Projects (A1)
+- `project_list`, `project_get`, `project_create`, `project_fork`
+- `project_update`, `project_archive`, `project_unarchive`, `project_delete`
+- `project_languages`, `project_star`, `project_unstar`, `project_transfer`
+
+### Groups (A2)
+- `group_list`, `group_get`, `group_create`, `group_update`, `group_delete`
+- `group_subgroups`, `group_descendants`, `group_projects`, `group_shared_projects`
+- `group_transfer_project`
+
+### Repository files (A3)
+- `file_get`, `file_get_raw`, `file_create`, `file_update`, `file_delete`
+- `file_blame`, `tree_list`
+- `commit_actions` (batch create/update/delete/move/chmod in a single commit)
+
+### Branches (A4)
+- `branch_list`, `branch_get`, `branch_create`, `branch_delete`, `branch_delete_merged`
+- `protected_branch_list`, `protected_branch_get`, `protected_branch_protect`
+- `protected_branch_update`, `protected_branch_unprotect`
+
+### Tags (A5)
+- `tag_list`, `tag_get`, `tag_create`, `tag_delete`
+- `protected_tag_list`, `protected_tag_get`, `protected_tag_protect`, `protected_tag_unprotect`
+
+### Commits & Compare (A6, A7)
+- `commit_list`, `commit_get`, `commit_diff`, `commit_refs`
+- `commit_cherry_pick`, `commit_revert`
+- `commit_comment_list`, `commit_comment_create`
+- `commit_status_list`, `commit_status_set`
+- `repository_compare`, `repository_merge_base`
+
+### Code search (A8)
+- `code_search`, `commit_search`, `wiki_search` (each accepts scope: global | group | project)
+
+### Releases (D1)
+- `release_list`, `release_get`, `release_create`, `release_update`, `release_delete`
+- `release_link_list`, `release_link_get`, `release_link_create`, `release_link_update`, `release_link_delete`
+
+### Environments (D2)
+- `environment_list`, `environment_get`
+- `environment_create`, `environment_update`, `environment_delete`
+- `environment_stop`, `environment_stop_stale`
+
+### Deployments (D3)
+- `deployment_list`, `deployment_get`, `deployment_create`, `deployment_update`
+- `deployment_approval` (approve/reject for protected envs)
+- `deployment_merge_requests`
+
+### Feature Flags (D4)
+- `feature_flag_list`, `feature_flag_get`, `feature_flag_create`, `feature_flag_update`, `feature_flag_delete`
+- `feature_flag_user_list_list`, `feature_flag_user_list_get`,
+  `feature_flag_user_list_create`, `feature_flag_user_list_update`, `feature_flag_user_list_delete`
+
+### Packages (D5)
+- `package_list_project`, `package_list_group`, `package_get`
+- `package_files`, `package_file_delete`, `package_delete`
+- Generic registry: `package_file_download_generic`, `package_file_upload_generic`
+  (accepts `content_base64` or `local_path`)
+
+### Container Registry (D6)
+- `registry_repository_list_project`, `registry_repository_list_group`
+- `registry_repository_get`, `registry_repository_delete`
+- `registry_tag_list`, `registry_tag_get`
+- `registry_tag_delete`, `registry_tag_bulk_delete` (by regex with keep_n/older_than)
+
+### Users (F1)
+- `user_list`, `user_get`, `user_search`, `user_create`, `user_update`, `user_delete`
+- `user_block`/`user_unblock`/`user_activate`/`user_deactivate`/`user_ban`/`user_unban`
+- `user_set_state` (convenience by enum)
+
+### Members (F2)
+- `member_list_project`, `member_list_group` (with `inherited` flag for "all")
+- `member_get`, `member_add`, `member_update`, `member_remove`
+- `billable_member_list_group`, `billable_member_remove_group`
+
+### Access Tokens (F3)
+- `pat_list`, `pat_get`, `pat_create_self` (16.5+), `pat_create_for_user` (admin)
+- `pat_revoke`, `pat_rotate`
+- `project_access_token_list`/`create`/`revoke`/`rotate`
+- `group_access_token_list`/`create`/`revoke`/`rotate`
+
+### Keys (F4)
+- SSH: `ssh_key_list`, `ssh_key_get`, `ssh_key_create`, `ssh_key_delete`
+- GPG: `gpg_key_list`, `gpg_key_create`, `gpg_key_delete`
+- Deploy: `deploy_key_list_project`/`list_all`/`get`/`add`/`update`/`enable`/`delete`
+
+### Custom Roles (F5) — Premium+, GraphQL
+- `member_role_list_group`, `member_role_create`, `member_role_update`, `member_role_delete`
+
+### Vulnerabilities (E1) — Ultimate
+- `vulnerability_list_project`, `vulnerability_list_group` (GraphQL)
+- `vulnerability_get` (REST)
+- `vulnerability_dismiss`/`confirm`/`resolve`/`revert` (REST)
+- `vulnerability_create_issue_link`
+
+### Security Reports (E2) — Ultimate
+- `security_report_findings_pipeline` (GraphQL, per pipeline)
+
+### Security Policies (E3) — Ultimate, read-only
+- `security_policy_list_project`, `security_policy_list_group`
+- `security_policy_sync_status`
+
+### Compliance Frameworks (E4) — Premium+
+- `compliance_framework_list`, `compliance_framework_get`
+- `compliance_framework_create`, `compliance_framework_update`, `compliance_framework_delete`
+- `compliance_framework_assign_project` (via GraphQL, accepts framework_id=null to unassign)
+
+### Audit Events (E5) — Premium+
+- `audit_event_list_instance`/`list_group`/`list_project` + `get_*`
+- Streaming (Ultimate): `audit_streaming_destination_list`/`get`/`create`/`update`/`delete`
+
+### Secrets Management (E6) — GraphQL, project 17.8+ / group 18.9+
+- `project_secret_list`, `project_secret_get`, `project_secret_create`,
+  `project_secret_update`, `project_secret_delete`
+- `group_secret_list`, `group_secret_get`, `group_secret_create`,
+  `group_secret_update`, `group_secret_delete`
+
+### Protected Environments (E7) — Premium+
+- `protected_environment_list`, `protected_environment_get`
+- `protected_environment_protect`, `protected_environment_update`, `protected_environment_unprotect`
+
+### Webhooks (G1)
+- Project: `hook_list_project`/`get_project`/`create_project`/`update_project`/`delete_project`/`test_project`
+- Group: `hook_list_group`/`get_group`/`create_group`/`update_group`/`delete_group`/`test_group`
+- System (admin): `hook_list_system`/`create_system`/`delete_system`/`test_system`
+
+### Integrations (G2)
+- Generic: `integration_list_project`, `integration_get`, `integration_set` (any slug), `integration_delete`
+- Shortcuts: `integration_set_slack`, `integration_set_mattermost`, `integration_set_jira`, `integration_set_microsoft_teams`
+
+### Events (G3)
+- `event_list_current_user`, `event_list_user`, `event_list_project`
+
+### Wiki (H1)
+- `wiki_list_project`, `wiki_list_group`
+- `wiki_get`, `wiki_create`, `wiki_update`, `wiki_delete` (scope: project | group)
+- `wiki_attachment_upload` (multipart) — accepts `content_base64` or `local_path`
+
+### Snippets (H2)
+- Personal: `snippet_list_personal`/`list_public`/`get`/`create`/`update`/`delete`/`raw`
+- Project: `snippet_list_project`/`get_project`/`create_project`/`update_project`/`delete_project`/`raw_project`
+- Multi-file snippets via `files: [{action, file_path, content, ...}]`
+
+### Search (H3)
+- `search` (single tool) — `where: global | group | project`, `scope: projects | issues | merge_requests | milestones | snippet_titles | snippet_blobs | users | blobs | commits | wiki_blobs | notes`
+
+### Analytics (J1)
+- `dora_metrics_project`, `dora_metrics_group` (Ultimate)
+- `contribution_analytics_group`
+- `group_activity_issues_count`, `group_activity_merge_requests_count`, `group_activity_new_members_count`
+- `usage_trends_get` (GraphQL, instance admin)
+
+### Statistics (J2)
+- `project_storage_breakdown`, `group_storage_breakdown`
+- `ci_minutes_usage_namespace`
+
+### Admin / Instance (J3) — admin only
+- `application_settings_get`, `application_settings_update`
+- `application_list`, `application_create`, `application_delete` (OAuth apps)
+- `broadcast_message_list`/`get`/`create`/`update`/`delete`
+- `license_get_current`, `license_list`, `license_add`, `license_delete` (self-managed)
+- `version_get`
+
+### Duo Chat (I1) — GraphQL, gitlab.com Duo / Duo Enterprise
+- `ai_thread_list`, `ai_message_list`, `ai_chat_context_presets`
+- `ai_chat_send` — returns request_id; poll `ai_message_list` for the response
+
+### AI Catalog (I2) — GraphQL
+- `ai_catalog_item_list`, `ai_catalog_item_get`
+- `ai_self_hosted_model_list` (Duo Enterprise on-prem)
+
+## Development
+
+```bash
+npm run dev          # tsx watch on src/index.ts
+npm run typecheck    # tsc --noEmit
+npm test             # unit tests (mocked HTTP, no network)
+npm run lint
+npm run format
+```
+
+Live smoke test against the configured GitLab (hits real endpoints):
+
+```bash
+GITLAB_TOKEN=glpat-... npm run test:smoke
+```
+
+## Releasing
+
+The repo ships with a `.gitlab-ci.yml` that runs typecheck/tests/build on every push and publishes to npm on `v*` tags.
+
+**One-time setup:**
+1. Create an automation token at https://www.npmjs.com/settings/<user>/tokens (use "Automation" type so npm 2FA does not block CI).
+2. In GitLab: Settings → CI/CD → Variables → Add variable
+   - Key: `NPM_TOKEN`
+   - Value: <the token>
+   - Flags: **Masked** and **Protected**
+3. Make sure the `v*` tag pattern is protected: Settings → Repository → Protected tags → Add `v*`.
+
+**Cutting a release:**
+```bash
+# 1. Bump the version in package.json (manually or via npm version <patch|minor|major>)
+npm version minor       # also creates the commit and the v<N> tag
+git push --follow-tags
+```
+
+The `publish_npm` job will fire on the tag pipeline. It verifies that the tag (`v1.2.0` → `1.2.0`) matches `package.json` before running `npm publish`.
+
+**Local publish (no CI):**
+```bash
+npm login                       # interactive, browser-based
+npm pack --dry-run              # preview tarball contents
+npm publish --access public     # publishes the current version
+```
+`prepublishOnly` will clean, typecheck, test, and build first.
+
+## Architecture
+
+```
+src/
+  index.ts            # MCP stdio entry
+  config.ts           # env → Config via zod
+  http/
+    rest.ts           # undici-based REST with retry, pagination
+    graphql.ts        # POST /api/graphql with errors[] surfacing
+    errors.ts         # GitLabApiError
+  shared/
+    ids.ts            # encodeId, resolveProject/GroupId, toGlobalId
+  tools/
+    registry.ts       # registers each group
+    meta.ts           # smoke tools
+    types.ts          # ToolContext + result helpers
+  groups/             # one folder per functional group
+    merge_requests/   # B1 + B2
+    discussions/      # B3
+    work_items/       # B4 + B5 (GraphQL)
+    labels/           # B6
+    milestones/       # B7
+    boards/           # B8
+    todos/            # B9
+    pipelines/        # C1
+    jobs/             # C2
+    pipeline_schedules/   # C3
+    pipeline_triggers/    # C4
+    ci_variables/     # C5
+    runners/          # C6
+    ci_lint/          # C7
+    ci_catalog/       # C8 (GraphQL)
+    projects/         # A1
+    groups/           # A2
+    repository_files/ # A3
+    branches/         # A4
+    tags/             # A5
+    commits/          # A6 + A7
+    code_search/      # A8
+    releases/         # D1
+    environments/     # D2
+    deployments/      # D3
+    feature_flags/    # D4
+    packages/         # D5
+    container_registry/  # D6
+    users/            # F1
+    members/          # F2
+    access_tokens/    # F3
+    keys/             # F4
+    custom_roles/     # F5 (GraphQL)
+    vulnerabilities/  # E1 (REST + GraphQL)
+    security_reports/ # E2 (GraphQL)
+    security_policies/    # E3 (GraphQL)
+    compliance/       # E4
+    audit_events/     # E5
+    secrets/          # E6 (GraphQL)
+    protected_environments/  # E7
+    webhooks/         # G1
+    integrations/     # G2
+    events/           # G3
+    wiki/             # H1
+    snippets/         # H2
+    search/           # H3
+    analytics/        # J1
+    statistics/       # J2
+    admin/            # J3
+    duo_chat/         # I1 (GraphQL)
+    ai_catalog/       # I2 (GraphQL)
+```
+
+Each future group lands as a new folder under `src/groups/`. See [`PLAN.md`](PLAN.md) for the per-group tool inventory.

package/dist/config.d.ts

@@ -0,0 +1,35 @@
+import { z } from 'zod';
+declare const TokenType: z.ZodEnum<["pat", "oauth", "job"]>;
+export type TokenType = z.infer<typeof TokenType>;
+declare const ConfigSchema: z.ZodObject<{
+    baseUrl: z.ZodDefault<z.ZodString>;
+    token: z.ZodString;
+    tokenType: z.ZodDefault<z.ZodEnum<["pat", "oauth", "job"]>>;
+    defaultProject: z.ZodOptional<z.ZodString>;
+    defaultGroup: z.ZodOptional<z.ZodString>;
+    userAgent: z.ZodDefault<z.ZodString>;
+    requestTimeoutMs: z.ZodDefault<z.ZodNumber>;
+    maxRetries: z.ZodDefault<z.ZodNumber>;
+}, "strip", z.ZodTypeAny, {
+    baseUrl: string;
+    token: string;
+    tokenType: "pat" | "oauth" | "job";
+    userAgent: string;
+    requestTimeoutMs: number;
+    maxRetries: number;
+    defaultProject?: string | undefined;
+    defaultGroup?: string | undefined;
+}, {
+    token: string;
+    baseUrl?: string | undefined;
+    tokenType?: "pat" | "oauth" | "job" | undefined;
+    defaultProject?: string | undefined;
+    defaultGroup?: string | undefined;
+    userAgent?: string | undefined;
+    requestTimeoutMs?: number | undefined;
+    maxRetries?: number | undefined;
+}>;
+export type Config = z.infer<typeof ConfigSchema>;
+export declare function loadConfig(env?: NodeJS.ProcessEnv): Config;
+export declare function authHeader(cfg: Pick<Config, 'token' | 'tokenType'>): Record<string, string>;
+export {};

package/dist/config.js

@@ -0,0 +1,59 @@
+import { z } from 'zod';
+const TokenType = z.enum(['pat', 'oauth', 'job']);
+const ConfigSchema = z.object({
+    baseUrl: z.string().url().default('https://gitlab.com'),
+    token: z.string().min(1, 'GITLAB_TOKEN is required'),
+    tokenType: TokenType.default('pat'),
+    defaultProject: z.string().optional(),
+    defaultGroup: z.string().optional(),
+    userAgent: z.string().default('gitlab-mcp/0.0.1'),
+    requestTimeoutMs: z.number().int().positive().default(30_000),
+    maxRetries: z.number().int().min(0).default(3),
+});
+export function loadConfig(env = process.env) {
+    const parsed = ConfigSchema.safeParse({
+        baseUrl: env.GITLAB_BASE_URL,
+        token: env.GITLAB_TOKEN,
+        tokenType: env.GITLAB_TOKEN_TYPE,
+        defaultProject: env.GITLAB_DEFAULT_PROJECT,
+        defaultGroup: env.GITLAB_DEFAULT_GROUP,
+        userAgent: env.GITLAB_USER_AGENT,
+        requestTimeoutMs: env.GITLAB_REQUEST_TIMEOUT_MS
+            ? Number(env.GITLAB_REQUEST_TIMEOUT_MS)
+            : undefined,
+        maxRetries: env.GITLAB_MAX_RETRIES ? Number(env.GITLAB_MAX_RETRIES) : undefined,
+    });
+    if (!parsed.success) {
+        const issues = parsed.error.issues
+            .map((i) => `  - ${envNameFor(i.path[0])}: ${i.message}`)
+            .join('\n');
+        throw new Error(`Invalid GitLab MCP configuration:\n${issues}`);
+    }
+    return parsed.data;
+}
+const ENV_FOR_FIELD = {
+    baseUrl: 'GITLAB_BASE_URL',
+    token: 'GITLAB_TOKEN',
+    tokenType: 'GITLAB_TOKEN_TYPE',
+    defaultProject: 'GITLAB_DEFAULT_PROJECT',
+    defaultGroup: 'GITLAB_DEFAULT_GROUP',
+    userAgent: 'GITLAB_USER_AGENT',
+    requestTimeoutMs: 'GITLAB_REQUEST_TIMEOUT_MS',
+    maxRetries: 'GITLAB_MAX_RETRIES',
+};
+function envNameFor(field) {
+    if (typeof field !== 'string')
+        return '<config>';
+    return ENV_FOR_FIELD[field] ?? field;
+}
+export function authHeader(cfg) {
+    switch (cfg.tokenType) {
+        case 'pat':
+            return { 'PRIVATE-TOKEN': cfg.token };
+        case 'oauth':
+            return { Authorization: `Bearer ${cfg.token}` };
+        case 'job':
+            return { 'JOB-TOKEN': cfg.token };
+    }
+}
+//# sourceMappingURL=config.js.map

package/dist/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,SAAS,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;AAGlD,MAAM,YAAY,GAAG,CAAC,CAAC,MAAM,CAAC;IAC5B,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,oBAAoB,CAAC;IACvD,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,0BAA0B,CAAC;IACpD,SAAS,EAAE,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC;IACnC,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACrC,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACnC,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,kBAAkB,CAAC;IACjD,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC;IAC7D,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;CAC/C,CAAC,CAAC;AAIH,MAAM,UAAU,UAAU,CAAC,MAAyB,OAAO,CAAC,GAAG;IAC7D,MAAM,MAAM,GAAG,YAAY,CAAC,SAAS,CAAC;QACpC,OAAO,EAAE,GAAG,CAAC,eAAe;QAC5B,KAAK,EAAE,GAAG,CAAC,YAAY;QACvB,SAAS,EAAE,GAAG,CAAC,iBAAiB;QAChC,cAAc,EAAE,GAAG,CAAC,sBAAsB;QAC1C,YAAY,EAAE,GAAG,CAAC,oBAAoB;QACtC,SAAS,EAAE,GAAG,CAAC,iBAAiB;QAChC,gBAAgB,EAAE,GAAG,CAAC,yBAAyB;YAC7C,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,yBAAyB,CAAC;YACvC,CAAC,CAAC,SAAS;QACb,UAAU,EAAE,GAAG,CAAC,kBAAkB,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC,CAAC,CAAC,SAAS;KAChF,CAAC,CAAC;IAEH,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM;aAC/B,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC;aACxD,IAAI,CAAC,IAAI,CAAC,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,sCAAsC,MAAM,EAAE,CAAC,CAAC;IAClE,CAAC;IAED,OAAO,MAAM,CAAC,IAAI,CAAC;AACrB,CAAC;AAED,MAAM,aAAa,GAA2B;IAC5C,OAAO,EAAE,iBAAiB;IAC1B,KAAK,EAAE,cAAc;IACrB,SAAS,EAAE,mBAAmB;IAC9B,cAAc,EAAE,wBAAwB;IACxC,YAAY,EAAE,sBAAsB;IACpC,SAAS,EAAE,mBAAmB;IAC9B,gBAAgB,EAAE,2BAA2B;IAC7C,UAAU,EAAE,oBAAoB;CACjC,CAAC;AAEF,SAAS,UAAU,CAAC,KAAkC;IACpD,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,UAAU,CAAC;IACjD,OAAO,aAAa,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC;AACvC,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,GAAwC;IACjE,QAAQ,GAAG,CAAC,SAAS,EAAE,CAAC;QACtB,KAAK,KAAK;YACR,OAAO,EAAE,eAAe,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC;QACxC,KAAK,OAAO;YACV,OAAO,EAAE,aAAa,EAAE,UAAU,GAAG,CAAC,KAAK,EAAE,EAAE,CAAC;QAClD,KAAK,KAAK;YACR,OAAO,EAAE,WAAW,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC;IACtC,CAAC;AACH,CAAC"}

package/dist/groups/access_tokens/tools.d.ts

@@ -0,0 +1,3 @@
+import type { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+import type { ToolContext } from '../../tools/types.js';
+export declare function registerAccessTokenTools(server: McpServer, ctx: ToolContext): void;