npm - @equilateral_ai/mindmeld - Versions diffs - 3.4.0 → 3.5.0 - Mend

@equilateral_ai/mindmeld 3.4.0 → 3.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/hooks/session-end.js +112 -3
package/package.json +1 -1
package/src/handlers/helpers/mindmeldMcpCore.js +594 -0
package/src/handlers/mcp/mindmeldMcpHandler.js +8 -573
package/src/handlers/mcp/mindmeldMcpStreamHandler.js +243 -0
package/src/handlers/users/userGet.js +3 -3

package/src/handlers/mcp/mindmeldMcpStreamHandler.js ADDED Viewed

@@ -0,0 +1,243 @@
+/**
+ * MindMeld MCP Streaming Handler — Lambda Function URL (RESPONSE_STREAM)
+ *
+ * Implements MCP Streamable HTTP transport (protocol version 2025-03-26):
+ * - POST: JSON-RPC messages, responds with JSON or SSE stream
+ * - GET:  Legacy SSE handshake (endpoint event + close)
+ * - DELETE: Session close
+ * - OPTIONS: CORS preflight
+ *
+ * Auth: X-MindMeld-Token header OR Authorization: Bearer token
+ *
+ * Uses awslambda.streamifyResponse() for Lambda Function URL streaming.
+ * The `awslambda` global is provided by the Lambda Node.js runtime.
+ */
+const { validateApiToken, handleJsonRpc, CORS_HEADERS } = require('./mindmeldMcpCore');
+const crypto = require('crypto');
+/**
+ * Write an SSE event to the response stream
+ */
+function writeSSE(stream, data, eventType) {
+    if (eventType) {
+        stream.write(`event: ${eventType}\n`);
+    }
+    stream.write(`data: ${JSON.stringify(data)}\n\n`);
+}
+/**
+ * Parse Lambda Function URL event (different format from API Gateway)
+ */
+function parseRequest(event) {
+    const http = event.requestContext?.http || {};
+    return {
+        method: http.method || 'GET',
+        path: http.path || '/',
+        headers: event.headers || {},
+        body: event.body || '',
+        isBase64Encoded: event.isBase64Encoded || false,
+    };
+}
+/**
+ * Create a response stream with headers
+ */
+function createStream(responseStream, statusCode, headers) {
+    return awslambda.HttpResponseStream.from(responseStream, {
+        statusCode,
+        headers: { ...CORS_HEADERS, ...headers },
+    });
+}
+// Lambda Function URL streaming handler
+const streamHandler = async (event, responseStream, _context) => {
+    const { method, headers, body, isBase64Encoded } = parseRequest(event);
+    // === OPTIONS: CORS preflight ===
+    if (method === 'OPTIONS') {
+        const stream = createStream(responseStream, 200, {
+            'Access-Control-Max-Age': '86400',
+        });
+        stream.end();
+        return;
+    }
+    // === DELETE: Session close ===
+    if (method === 'DELETE') {
+        const stream = createStream(responseStream, 200, {
+            'Content-Type': 'application/json',
+        });
+        stream.end();
+        return;
+    }
+    // === GET: Legacy SSE handshake ===
+    if (method === 'GET') {
+        const authResult = await validateApiToken(headers);
+        if (authResult.error) {
+            const stream = createStream(responseStream, 401, {
+                'Content-Type': 'application/json',
+            });
+            stream.write(JSON.stringify({ error: authResult.message }));
+            stream.end();
+            return;
+        }
+        const sessionId = crypto.randomUUID();
+        const stream = createStream(responseStream, 200, {
+            'Content-Type': 'text/event-stream',
+            'Cache-Control': 'no-cache',
+            'Connection': 'keep-alive',
+            'Mcp-Session-Id': sessionId,
+        });
+        // Send endpoint event — legacy SSE clients expect this
+        stream.write(`event: endpoint\ndata: ${parseRequest(event).path}\n\n`);
+        // For Streamable HTTP clients probing via GET: close after endpoint event.
+        // The client will then POST to us for actual JSON-RPC messages.
+        stream.end();
+        return;
+    }
+    // === POST: Streamable HTTP JSON-RPC ===
+    if (method !== 'POST') {
+        const stream = createStream(responseStream, 405, {
+            'Content-Type': 'application/json',
+        });
+        stream.write(JSON.stringify({ error: 'Method not allowed' }));
+        stream.end();
+        return;
+    }
+    // Auth
+    const authResult = await validateApiToken(headers);
+    if (authResult.error) {
+        const stream = createStream(responseStream, 200, {
+            'Content-Type': 'application/json',
+        });
+        stream.write(JSON.stringify({
+            jsonrpc: '2.0',
+            error: { code: -32000, message: authResult.message },
+            id: null,
+        }));
+        stream.end();
+        return;
+    }
+    // Parse body (Function URL may base64-encode it)
+    let parsedBody;
+    try {
+        const raw = isBase64Encoded ? Buffer.from(body, 'base64').toString() : body;
+        parsedBody = JSON.parse(raw);
+    } catch (e) {
+        const stream = createStream(responseStream, 400, {
+            'Content-Type': 'application/json',
+        });
+        stream.write(JSON.stringify({
+            jsonrpc: '2.0',
+            error: { code: -32700, message: 'Parse error: invalid JSON' },
+            id: null,
+        }));
+        stream.end();
+        return;
+    }
+    // Session ID management
+    const sessionId = headers['mcp-session-id'] || crypto.randomUUID();
+    // Check if client wants SSE response
+    const acceptHeader = headers['accept'] || '';
+    const wantsSSE = acceptHeader.includes('text/event-stream');
+    if (wantsSSE) {
+        // === SSE streaming response ===
+        const stream = createStream(responseStream, 200, {
+            'Content-Type': 'text/event-stream',
+            'Cache-Control': 'no-cache',
+            'Mcp-Session-Id': sessionId,
+        });
+        if (Array.isArray(parsedBody)) {
+            for (const msg of parsedBody) {
+                const response = await handleJsonRpc(msg, authResult.user);
+                if (response) {
+                    writeSSE(stream, response, 'message');
+                }
+            }
+        } else {
+            const response = await handleJsonRpc(parsedBody, authResult.user);
+            if (response) {
+                writeSSE(stream, response, 'message');
+            }
+        }
+        stream.end();
+    } else {
+        // === Standard JSON response ===
+        const responseHeaders = {
+            'Content-Type': 'application/json',
+            'Mcp-Session-Id': sessionId,
+        };
+        if (Array.isArray(parsedBody)) {
+            const responses = [];
+            for (const msg of parsedBody) {
+                const response = await handleJsonRpc(msg, authResult.user);
+                if (response) responses.push(response);
+            }
+            const stream = createStream(responseStream,
+                responses.length > 0 ? 200 : 202, responseHeaders);
+            if (responses.length > 0) {
+                stream.write(JSON.stringify(responses));
+            }
+            stream.end();
+        } else {
+            const response = await handleJsonRpc(parsedBody, authResult.user);
+            if (!response) {
+                const stream = createStream(responseStream, 202, responseHeaders);
+                stream.end();
+            } else {
+                const stream = createStream(responseStream, 200, responseHeaders);
+                stream.write(JSON.stringify(response));
+                stream.end();
+            }
+        }
+    }
+};
+// awslambda is a global provided by the Lambda Node.js runtime.
+// In local/test environments it won't exist — export the raw handler for testing.
+if (typeof awslambda !== 'undefined') {
+    exports.handler = awslambda.streamifyResponse(streamHandler);
+} else {
+    // Fallback for local testing: wrap as standard async handler
+    exports.handler = async (event) => {
+        let result = { statusCode: 200, headers: {}, body: '' };
+        const mockStream = {
+            _headers: {},
+            _statusCode: 200,
+            _chunks: [],
+            write(chunk) { this._chunks.push(chunk); },
+            end() {},
+        };
+        // Mock awslambda.HttpResponseStream.from
+        const originalFrom = mockStream;
+        const createMockStream = (_rs, meta) => {
+            mockStream._statusCode = meta.statusCode;
+            mockStream._headers = meta.headers;
+            return mockStream;
+        };
+        global.awslambda = {
+            HttpResponseStream: { from: createMockStream },
+        };
+        await streamHandler(event, mockStream, {});
+        delete global.awslambda;
+        return {
+            statusCode: mockStream._statusCode,
+            headers: mockStream._headers,
+            body: mockStream._chunks.join(''),
+        };
+    };
+}

package/src/handlers/users/userGet.js CHANGED Viewed

@@ -95,9 +95,9 @@ async function getUser({ requestContext }) {
                         invariants: parseInt(usage.invariants) || 0
                     },
                     limits: {
-                        max_collaborators: tierConfig?.maxCollaborators || 1,
-                        max_projects: tierConfig?.maxProjects || 3,
-                        max_invariants: tierConfig?.maxInvariants || 10
+                        max_collaborators: tierConfig?.maxCollaborators ?? null,
+                        max_projects: tierConfig?.maxProjects ?? null,
+                        max_invariants: tierConfig?.maxInvariants ?? null
                     }
                 }]
             },