@evantahler/mcpx 0.18.3 → 0.18.6

package/src/commands/add.ts

@@ -1,179 +1,174 @@
 import type { Command } from "commander";
-import type { ServerConfig } from "../config/schemas.ts";
+import { resolveResourceUrl, tryOAuthIfSupported } from "../client/oauth.ts";
 import { loadRawAuth, loadRawServers, saveServers } from "../config/loader.ts";
-import { tryOAuthIfSupported, resolveResourceUrl } from "../client/oauth.ts";
+import type { ServerConfig } from "../config/schemas.ts";
 import { runIndex } from "./index.ts";
 
 export function registerAddCommand(program: Command) {
-  program
-    .command("add <name>")
-    .description("add an MCP server to your config")
-    .option("--command <cmd>", "command to run (stdio server)")
-    .option("--args <args>", "comma-separated arguments for the command")
-    .option("--env <vars>", "comma-separated KEY=VAL environment variables")
-    .option("--cwd <dir>", "working directory for the command")
-    .option("--url <url>", "server URL (HTTP server)")
-    .option("--header <h>", "header in Key:Value format (repeatable)", collect, [])
-    .option("--transport <type>", 'transport for HTTP servers: "sse" or "streamable-http"')
-    .option("--allowed-tools <tools>", "comma-separated list of allowed tools")
-    .option("--disabled-tools <tools>", "comma-separated list of disabled tools")
-    .option("-f, --force", "overwrite if server already exists")
-    .option("--no-auth", "skip automatic OAuth authentication after adding an HTTP server")
-    .option("--no-index", "skip rebuilding the search index after adding")
-    .action(
-      async (
-        name: string,
-        options: {
-          command?: string;
-          args?: string;
-          env?: string;
-          cwd?: string;
-          url?: string;
-          header?: string[];
-          transport?: string;
-          allowedTools?: string;
-          disabledTools?: string;
-          force?: boolean;
-          auth?: boolean;
-          index?: boolean;
-        },
-      ) => {
-        const hasCommand = !!options.command;
-        const hasUrl = !!options.url;
-
-        if (!hasCommand && !hasUrl) {
-          console.error("Must specify --command (stdio) or --url (http)");
-          process.exit(1);
-        }
-        if (hasCommand && hasUrl) {
-          console.error("Cannot specify both --command and --url");
-          process.exit(1);
-        }
-
-        const configFlag = program.opts().config;
-        const { configDir, servers } = await loadRawServers(configFlag);
-
-        if (servers.mcpServers[name] && !options.force) {
-          console.error(`Server "${name}" already exists (use --force to overwrite)`);
-          process.exit(1);
-        }
-
-        let config: ServerConfig;
-
-        if (hasCommand) {
-          config = buildStdioConfig(options);
-        } else {
-          config = buildHttpConfig(options);
-        }
-
-        if (hasUrl && options.transport) {
-          if (options.transport !== "sse" && options.transport !== "streamable-http") {
-            console.error('--transport must be "sse" or "streamable-http"');
-            process.exit(1);
-          }
-          (config as { transport: string }).transport = options.transport;
-        }
-
-        // Common options
-        if (options.allowedTools) {
-          config.allowedTools = options.allowedTools.split(",").map((t) => t.trim());
-        }
-        if (options.disabledTools) {
-          config.disabledTools = options.disabledTools.split(",").map((t) => t.trim());
-        }
-
-        // For HTTP servers, resolve the canonical resource URL before saving.
-        // Some servers (e.g. hf.co → huggingface.co) advertise a different canonical
-        // URL in their OAuth protected resource metadata, and the SDK enforces that the
-        // stored URL matches this canonical URL during the OAuth token flow.
-        let effectiveUrl = options.url!;
-        if (hasUrl && options.auth !== false) {
-          const canonical = await resolveResourceUrl(effectiveUrl);
-          if (canonical !== effectiveUrl) {
-            (config as { url: string }).url = canonical;
-            effectiveUrl = canonical;
-            console.log(`Resolved canonical URL: ${canonical}`);
-          }
-        }
-
-        servers.mcpServers[name] = config;
-        await saveServers(configDir, servers);
-        console.log(`Added server "${name}" to ${configDir}/servers.json`);
-
-        // Auto-auth: probe for OAuth support and run the flow if supported
-        if (hasUrl && options.auth !== false) {
-          const auth = await loadRawAuth(configDir);
-          const formatOptions = {
-            json: !!program.opts().json,
-            verbose: !!program.opts().verbose,
-            showSecrets: false,
-          };
-          try {
-            await tryOAuthIfSupported(name, effectiveUrl, configDir, auth, formatOptions);
-          } catch {
-            console.error(`Warning: OAuth authentication failed. Run: mcpx auth ${name}`);
-          }
-        }
-
-        // Commander treats --no-index as index=false (default true)
-        if (options.index !== false) {
-          await runIndex(program);
-        }
-      },
-    );
+	program
+		.command("add <name>")
+		.description("add an MCP server to your config")
+		.option("--command <cmd>", "command to run (stdio server)")
+		.option("--args <args>", "comma-separated arguments for the command")
+		.option("--env <vars>", "comma-separated KEY=VAL environment variables")
+		.option("--cwd <dir>", "working directory for the command")
+		.option("--url <url>", "server URL (HTTP server)")
+		.option("--header <h>", "header in Key:Value format (repeatable)", collect, [])
+		.option("--transport <type>", 'transport for HTTP servers: "sse" or "streamable-http"')
+		.option("--allowed-tools <tools>", "comma-separated list of allowed tools")
+		.option("--disabled-tools <tools>", "comma-separated list of disabled tools")
+		.option("-f, --force", "overwrite if server already exists")
+		.option("--no-auth", "skip automatic OAuth authentication after adding an HTTP server")
+		.option("--no-index", "skip rebuilding the search index after adding")
+		.action(
+			async (
+				name: string,
+				options: {
+					command?: string;
+					args?: string;
+					env?: string;
+					cwd?: string;
+					url?: string;
+					header?: string[];
+					transport?: string;
+					allowedTools?: string;
+					disabledTools?: string;
+					force?: boolean;
+					auth?: boolean;
+					index?: boolean;
+				},
+			) => {
+				const hasCommand = !!options.command;
+				const hasUrl = !!options.url;
+
+				if (!hasCommand && !hasUrl) {
+					console.error("Must specify --command (stdio) or --url (http)");
+					process.exit(1);
+				}
+				if (hasCommand && hasUrl) {
+					console.error("Cannot specify both --command and --url");
+					process.exit(1);
+				}
+
+				const configFlag = program.opts().config;
+				const { configDir, servers } = await loadRawServers(configFlag);
+
+				if (servers.mcpServers[name] && !options.force) {
+					console.error(`Server "${name}" already exists (use --force to overwrite)`);
+					process.exit(1);
+				}
+
+				let config: ServerConfig;
+
+				if (hasCommand) {
+					config = buildStdioConfig(options);
+				} else {
+					config = buildHttpConfig(options);
+				}
+
+				if (hasUrl && options.transport) {
+					if (options.transport !== "sse" && options.transport !== "streamable-http") {
+						console.error('--transport must be "sse" or "streamable-http"');
+						process.exit(1);
+					}
+					(config as { transport: string }).transport = options.transport;
+				}
+
+				// Common options
+				if (options.allowedTools) {
+					config.allowedTools = options.allowedTools.split(",").map((t) => t.trim());
+				}
+				if (options.disabledTools) {
+					config.disabledTools = options.disabledTools.split(",").map((t) => t.trim());
+				}
+
+				// For HTTP servers, resolve the canonical resource URL before saving.
+				// Some servers (e.g. hf.co → huggingface.co) advertise a different canonical
+				// URL in their OAuth protected resource metadata, and the SDK enforces that the
+				// stored URL matches this canonical URL during the OAuth token flow.
+				let effectiveUrl = options.url!;
+				if (hasUrl && options.auth !== false) {
+					const canonical = await resolveResourceUrl(effectiveUrl);
+					if (canonical !== effectiveUrl) {
+						(config as { url: string }).url = canonical;
+						effectiveUrl = canonical;
+						console.log(`Resolved canonical URL: ${canonical}`);
+					}
+				}
+
+				servers.mcpServers[name] = config;
+				await saveServers(configDir, servers);
+				console.log(`Added server "${name}" to ${configDir}/servers.json`);
+
+				// Auto-auth: probe for OAuth support and run the flow if supported
+				if (hasUrl && options.auth !== false) {
+					const auth = await loadRawAuth(configDir);
+					const formatOptions = {
+						json: !!program.opts().json,
+						verbose: !!program.opts().verbose,
+						showSecrets: false,
+					};
+					try {
+						await tryOAuthIfSupported(name, effectiveUrl, configDir, auth, formatOptions);
+					} catch {
+						console.error(`Warning: OAuth authentication failed. Run: mcpx auth ${name}`);
+					}
+				}
+
+				// Commander treats --no-index as index=false (default true)
+				if (options.index !== false) {
+					await runIndex(program);
+				}
+			},
+		);
 }
 
 function collect(value: string, previous: string[]): string[] {
-  return previous.concat([value]);
+	return previous.concat([value]);
 }
 
-function buildStdioConfig(options: {
-  command?: string;
-  args?: string;
-  env?: string;
-  cwd?: string;
-}): ServerConfig {
-  const config: Record<string, unknown> = { command: options.command! };
-
-  if (options.args) {
-    config.args = options.args.split(",").map((a) => a.trim());
-  }
-
-  if (options.env) {
-    const env: Record<string, string> = {};
-    for (const pair of options.env.split(",")) {
-      const eqIdx = pair.indexOf("=");
-      if (eqIdx === -1) {
-        console.error(`Invalid env format "${pair}", expected KEY=VAL`);
-        process.exit(1);
-      }
-      env[pair.slice(0, eqIdx).trim()] = pair.slice(eqIdx + 1).trim();
-    }
-    config.env = env;
-  }
-
-  if (options.cwd) {
-    config.cwd = options.cwd;
-  }
-
-  return config as unknown as ServerConfig;
+function buildStdioConfig(options: { command?: string; args?: string; env?: string; cwd?: string }): ServerConfig {
+	const config: Record<string, unknown> = { command: options.command! };
+
+	if (options.args) {
+		config.args = options.args.split(",").map((a) => a.trim());
+	}
+
+	if (options.env) {
+		const env: Record<string, string> = {};
+		for (const pair of options.env.split(",")) {
+			const eqIdx = pair.indexOf("=");
+			if (eqIdx === -1) {
+				console.error(`Invalid env format "${pair}", expected KEY=VAL`);
+				process.exit(1);
+			}
+			env[pair.slice(0, eqIdx).trim()] = pair.slice(eqIdx + 1).trim();
+		}
+		config.env = env;
+	}
+
+	if (options.cwd) {
+		config.cwd = options.cwd;
+	}
+
+	return config as unknown as ServerConfig;
 }
 
 function buildHttpConfig(options: { url?: string; header?: string[] }): ServerConfig {
-  const config: Record<string, unknown> = { url: options.url! };
-
-  if (options.header && options.header.length > 0) {
-    const headers: Record<string, string> = {};
-    for (const h of options.header) {
-      const colonIdx = h.indexOf(":");
-      if (colonIdx === -1) {
-        console.error(`Invalid header format "${h}", expected Key:Value`);
-        process.exit(1);
-      }
-      headers[h.slice(0, colonIdx).trim()] = h.slice(colonIdx + 1).trim();
-    }
-    config.headers = headers;
-  }
-
-  return config as unknown as ServerConfig;
+	const config: Record<string, unknown> = { url: options.url! };
+
+	if (options.header && options.header.length > 0) {
+		const headers: Record<string, string> = {};
+		for (const h of options.header) {
+			const colonIdx = h.indexOf(":");
+			if (colonIdx === -1) {
+				console.error(`Invalid header format "${h}", expected Key:Value`);
+				process.exit(1);
+			}
+			headers[h.slice(0, colonIdx).trim()] = h.slice(colonIdx + 1).trim();
+		}
+		config.headers = headers;
+	}
+
+	return config as unknown as ServerConfig;
 }

package/src/commands/allow.ts

@@ -1,163 +1,162 @@
+import { bold, dim, green, yellow } from "ansis";
 import type { Command } from "commander";
-import { bold, cyan, dim, green, yellow } from "ansis";
 import {
-  type Client,
-  type Scope,
-  resolveSettingsPath,
-  readClientSettings,
-  writeClientSettings,
-  execPattern,
-  readOnlyPatterns,
-  allExecPattern,
-  allowCommandPattern,
-  denyCommandPattern,
-  addPatterns,
-  getMcpxPatterns,
+	addPatterns,
+	allExecPattern,
+	allowCommandPattern,
+	type Client,
+	denyCommandPattern,
+	execPattern,
+	getMcpxPatterns,
+	readClientSettings,
+	readOnlyPatterns,
+	resolveSettingsPath,
+	type Scope,
+	writeClientSettings,
 } from "../lib/client-settings.ts";
 import { formatOutput } from "../output/format-output.ts";
 import type { FormatOptions } from "../output/formatter.ts";
 
 export function registerAllowCommand(program: Command) {
-  program
-    .command("allow")
-    .description("add permission rules for mcpx commands (Claude Code or Cursor)")
-    .argument("[server]", "server name to allow")
-    .argument("[tools...]", "specific tool names to allow")
-    .option("--all", "allow all mcpx exec calls")
-    .option("--all-read", "allow read-only commands (search, info, list, servers, ping, etc.)")
-    .option("--list", "show current mcpx-related permissions")
-    .option("--cursor", "target Cursor settings instead of Claude Code")
-    .option("--local", "write to local settings (default)")
-    .option("--project", "write to project settings (shared)")
-    .option("--global", "write to global settings")
-    .option("--dry-run", "show patterns without writing")
-    .action(
-      async (
-        server: string | undefined,
-        tools: string[],
-        options: {
-          all?: boolean;
-          allRead?: boolean;
-          list?: boolean;
-          cursor?: boolean;
-          local?: boolean;
-          project?: boolean;
-          global?: boolean;
-          dryRun?: boolean;
-        },
-      ) => {
-        const formatOptions: FormatOptions = { json: program.opts().json };
-        const client: Client = options.cursor ? "cursor" : "claude";
+	program
+		.command("allow")
+		.description("add permission rules for mcpx commands (Claude Code or Cursor)")
+		.argument("[server]", "server name to allow")
+		.argument("[tools...]", "specific tool names to allow")
+		.option("--all", "allow all mcpx exec calls")
+		.option("--all-read", "allow read-only commands (search, info, list, servers, ping, etc.)")
+		.option("--list", "show current mcpx-related permissions")
+		.option("--cursor", "target Cursor settings instead of Claude Code")
+		.option("--local", "write to local settings (default)")
+		.option("--project", "write to project settings (shared)")
+		.option("--global", "write to global settings")
+		.option("--dry-run", "show patterns without writing")
+		.action(
+			async (
+				server: string | undefined,
+				tools: string[],
+				options: {
+					all?: boolean;
+					allRead?: boolean;
+					list?: boolean;
+					cursor?: boolean;
+					local?: boolean;
+					project?: boolean;
+					global?: boolean;
+					dryRun?: boolean;
+				},
+			) => {
+				const formatOptions: FormatOptions = { json: program.opts().json };
+				const client: Client = options.cursor ? "cursor" : "claude";
 
-        // --list mode: show current permissions across all scopes
-        if (options.list) {
-          // Cursor maps local and project to the same file, so only show unique scopes
-          const scopes: Scope[] =
-            client === "cursor" ? ["local", "global"] : ["local", "project", "global"];
-          const results: { scope: Scope; path: string; patterns: string[] }[] = [];
+				// --list mode: show current permissions across all scopes
+				if (options.list) {
+					// Cursor maps local and project to the same file, so only show unique scopes
+					const scopes: Scope[] = client === "cursor" ? ["local", "global"] : ["local", "project", "global"];
+					const results: { scope: Scope; path: string; patterns: string[] }[] = [];
 
-          for (const scope of scopes) {
-            const path = resolveSettingsPath(scope, client);
-            const settings = await readClientSettings(path);
-            const patterns = getMcpxPatterns(settings, client);
-            results.push({ scope, path, patterns });
-          }
+					for (const scope of scopes) {
+						const path = resolveSettingsPath(scope, client);
+						const settings = await readClientSettings(path);
+						const patterns = getMcpxPatterns(settings, client);
+						results.push({ scope, path, patterns });
+					}
 
-          console.log(
-            formatOutput(
-              results.map((r) => ({ scope: r.scope, path: r.path, patterns: r.patterns })),
-              () => {
-                const lines: string[] = [];
-                for (const r of results) {
-                  lines.push(bold(`${r.scope}`) + dim(` (${r.path})`));
-                  if (r.patterns.length === 0) {
-                    lines.push(`  ${dim("(none)")}`);
-                  } else {
-                    for (const p of r.patterns) {
-                      lines.push(`  ${green("✓")} ${p}`);
-                    }
-                  }
-                  lines.push("");
-                }
-                return lines.join("\n").trimEnd();
-              },
-              formatOptions,
-            ),
-          );
-          return;
-        }
+					console.log(
+						formatOutput(
+							results.map((r) => ({ scope: r.scope, path: r.path, patterns: r.patterns })),
+							() => {
+								const lines: string[] = [];
+								for (const r of results) {
+									lines.push(bold(`${r.scope}`) + dim(` (${r.path})`));
+									if (r.patterns.length === 0) {
+										lines.push(`  ${dim("(none)")}`);
+									} else {
+										for (const p of r.patterns) {
+											lines.push(`  ${green("✓")} ${p}`);
+										}
+									}
+									lines.push("");
+								}
+								return lines.join("\n").trimEnd();
+							},
+							formatOptions,
+						),
+					);
+					return;
+				}
 
-        // Build the list of patterns to add
-        const patterns: string[] = [];
+				// Build the list of patterns to add
+				const patterns: string[] = [];
 
-        if (options.all) {
-          patterns.push(allExecPattern(client));
-        }
+				if (options.all) {
+					patterns.push(allExecPattern(client));
+				}
 
-        if (options.allRead) {
-          patterns.push(...readOnlyPatterns(client));
-        }
+				if (options.allRead) {
+					patterns.push(...readOnlyPatterns(client));
+				}
 
-        if (server && tools.length > 0) {
-          for (const tool of tools) {
-            patterns.push(execPattern(server, tool, client));
-          }
-        } else if (server) {
-          patterns.push(execPattern(server, undefined, client));
-        }
+				if (server && tools.length > 0) {
+					for (const tool of tools) {
+						patterns.push(execPattern(server, tool, client));
+					}
+				} else if (server) {
+					patterns.push(execPattern(server, undefined, client));
+				}
 
-        if (patterns.length === 0) {
-          console.error("error: specify a server, --all, or --all-read. See 'mcpx allow --help'.");
-          process.exit(1);
-        }
+				if (patterns.length === 0) {
+					console.error("error: specify a server, --all, or --all-read. See 'mcpx allow --help'.");
+					process.exit(1);
+				}
 
-        // Always include allow/deny command patterns so the agent can self-manage
-        patterns.push(allowCommandPattern(client));
-        patterns.push(denyCommandPattern(client));
+				// Always include allow/deny command patterns so the agent can self-manage
+				patterns.push(allowCommandPattern(client));
+				patterns.push(denyCommandPattern(client));
 
-        const scope: Scope = options.global ? "global" : options.project ? "project" : "local";
-        const path = resolveSettingsPath(scope, client);
+				const scope: Scope = options.global ? "global" : options.project ? "project" : "local";
+				const path = resolveSettingsPath(scope, client);
 
-        if (options.dryRun) {
-          console.log(
-            formatOutput(
-              { scope, path, patterns },
-              () => {
-                const lines: string[] = [];
-                lines.push(bold("Dry run") + dim(` — would write to ${path}:`));
-                for (const p of patterns) {
-                  lines.push(`  ${yellow("+")} ${p}`);
-                }
-                return lines.join("\n");
-              },
-              formatOptions,
-            ),
-          );
-          return;
-        }
+				if (options.dryRun) {
+					console.log(
+						formatOutput(
+							{ scope, path, patterns },
+							() => {
+								const lines: string[] = [];
+								lines.push(bold("Dry run") + dim(` — would write to ${path}:`));
+								for (const p of patterns) {
+									lines.push(`  ${yellow("+")} ${p}`);
+								}
+								return lines.join("\n");
+							},
+							formatOptions,
+						),
+					);
+					return;
+				}
 
-        const settings = await readClientSettings(path);
-        const { settings: updated, added } = addPatterns(settings, patterns);
-        await writeClientSettings(path, updated);
+				const settings = await readClientSettings(path);
+				const { settings: updated, added } = addPatterns(settings, patterns);
+				await writeClientSettings(path, updated);
 
-        console.log(
-          formatOutput(
-            { scope, path, added, total: (updated.permissions?.allow ?? []).length },
-            () => {
-              const lines: string[] = [];
-              if (added.length === 0) {
-                lines.push(dim("All patterns already present — no changes."));
-              } else {
-                lines.push(bold(`Added ${added.length} permission(s)`) + dim(` → ${path}`));
-                for (const p of added) {
-                  lines.push(`  ${green("+")} ${p}`);
-                }
-              }
-              return lines.join("\n");
-            },
-            formatOptions,
-          ),
-        );
-      },
-    );
+				console.log(
+					formatOutput(
+						{ scope, path, added, total: (updated.permissions?.allow ?? []).length },
+						() => {
+							const lines: string[] = [];
+							if (added.length === 0) {
+								lines.push(dim("All patterns already present — no changes."));
+							} else {
+								lines.push(bold(`Added ${added.length} permission(s)`) + dim(` → ${path}`));
+								for (const p of added) {
+									lines.push(`  ${green("+")} ${p}`);
+								}
+							}
+							return lines.join("\n");
+						},
+						formatOptions,
+					),
+				);
+			},
+		);
 }