npm - @exaudeus/workrail - Versions diffs - 0.0.12 → 0.0.13 - Mend

@exaudeus/workrail 0.0.12 → 0.0.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (19) hide show

package/dist/infrastructure/storage/remote-workflow-storage.js ADDED Viewed

@@ -0,0 +1,321 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CommunityWorkflowStorage = exports.RemoteWorkflowStorage = void 0;
+const storage_security_1 = require("../../utils/storage-security");
+const error_handler_1 = require("../../core/error-handler");
+/**
+ * Remote workflow storage that fetches workflows from a community registry.
+ * Implements security best practices and proper error handling.
+ * Similar to npm registry but for workflows.
+ */
+class RemoteWorkflowStorage {
+    config;
+    securityOptions;
+    constructor(config) {
+        // Validate and secure the configuration
+        this.validateConfig(config);
+        this.securityOptions = (0, storage_security_1.validateSecurityOptions)(config);
+        this.config = {
+            ...this.securityOptions,
+            baseUrl: config.baseUrl.replace(/\/$/, ''), // Remove trailing slash
+            apiKey: config.apiKey || '',
+            timeout: config.timeout || 10000,
+            retryAttempts: config.retryAttempts || 3,
+            userAgent: config.userAgent || 'workrail-mcp-server/1.0'
+        };
+    }
+    validateConfig(config) {
+        if (!config.baseUrl) {
+            throw new error_handler_1.SecurityError('baseUrl is required for remote storage', 'config-validation');
+        }
+        // Validate URL security
+        (0, storage_security_1.validateSecureUrl)(config.baseUrl);
+        // Validate timeout and retry settings (allow shorter timeouts for testing)
+        if (config.timeout && (config.timeout < 100 || config.timeout > 60000)) {
+            throw new error_handler_1.SecurityError('timeout must be between 100ms and 60000ms', 'config-validation');
+        }
+        if (config.retryAttempts && (config.retryAttempts < 0 || config.retryAttempts > 10)) {
+            throw new error_handler_1.SecurityError('retryAttempts must be between 0 and 10', 'config-validation');
+        }
+    }
+    async loadAllWorkflows() {
+        try {
+            const response = await this.fetchWithRetry('/workflows');
+            const data = await this.parseResponse(response);
+            // Handle different response formats
+            const workflows = data.workflows || data.data || [];
+            return this.validateWorkflows(workflows);
+        }
+        catch (error) {
+            if (error instanceof error_handler_1.SecurityError || error instanceof error_handler_1.StorageError) {
+                throw error; // Re-throw known errors
+            }
+            // Transform unknown errors to storage errors for graceful degradation
+            throw new error_handler_1.StorageError(`Failed to load workflows from remote registry: ${error.message}`, 'remote-fetch');
+        }
+    }
+    async getWorkflowById(id) {
+        try {
+            const sanitizedId = (0, storage_security_1.sanitizeId)(id);
+            const response = await this.fetchWithRetry(`/workflows/${encodeURIComponent(sanitizedId)}`);
+            if (!response.ok) {
+                if (response.status === 404) {
+                    return null; // Workflow not found
+                }
+                throw new error_handler_1.StorageError(`Remote registry returned ${response.status}: ${response.statusText}`, 'remote-fetch');
+            }
+            const workflow = await this.parseResponse(response);
+            // Verify the returned workflow ID matches what we requested
+            if (workflow.id !== sanitizedId) {
+                throw new error_handler_1.InvalidWorkflowError(sanitizedId, `Registry returned workflow with mismatched ID: ${workflow.id}`);
+            }
+            return workflow;
+        }
+        catch (error) {
+            if (error instanceof error_handler_1.SecurityError ||
+                error instanceof error_handler_1.StorageError ||
+                error instanceof error_handler_1.InvalidWorkflowError) {
+                throw error;
+            }
+            throw new error_handler_1.StorageError(`Failed to load workflow ${id} from remote registry: ${error.message}`, 'remote-fetch');
+        }
+    }
+    async listWorkflowSummaries() {
+        try {
+            const response = await this.fetchWithRetry('/workflows/summaries');
+            const data = await this.parseResponse(response);
+            const summaries = data.summaries || data.data || [];
+            return this.validateSummaries(summaries);
+        }
+        catch (error) {
+            if (error instanceof error_handler_1.SecurityError || error instanceof error_handler_1.StorageError) {
+                throw error;
+            }
+            throw new error_handler_1.StorageError(`Failed to load workflow summaries from remote registry: ${error.message}`, 'remote-fetch');
+        }
+    }
+    async save(workflow) {
+        try {
+            const sanitizedWorkflow = this.validateWorkflowForSave(workflow);
+            const response = await this.fetchWithRetry('/workflows', {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                    ...(this.config.apiKey && { 'Authorization': `Bearer ${this.config.apiKey}` })
+                },
+                body: JSON.stringify(sanitizedWorkflow)
+            });
+            if (!response.ok) {
+                const errorData = await this.parseResponse(response);
+                throw new error_handler_1.StorageError(`Failed to publish workflow: ${errorData.message || errorData.error || 'Unknown error'}`, 'remote-save');
+            }
+        }
+        catch (error) {
+            if (error instanceof error_handler_1.SecurityError ||
+                error instanceof error_handler_1.StorageError ||
+                error instanceof error_handler_1.InvalidWorkflowError) {
+                throw error;
+            }
+            throw new error_handler_1.StorageError(`Failed to save workflow to remote registry: ${error.message}`, 'remote-save');
+        }
+    }
+    async fetchWithRetry(path, options) {
+        const url = `${this.config.baseUrl}${path}`;
+        let lastError = null;
+        for (let attempt = 1; attempt <= this.config.retryAttempts; attempt++) {
+            try {
+                const controller = new AbortController();
+                const timeoutId = setTimeout(() => controller.abort(), this.config.timeout);
+                const response = await fetch(url, {
+                    ...options,
+                    signal: controller.signal,
+                    headers: {
+                        'User-Agent': this.config.userAgent,
+                        'Accept': 'application/json',
+                        ...options?.headers
+                    }
+                });
+                clearTimeout(timeoutId);
+                return response;
+            }
+            catch (error) {
+                lastError = error;
+                if (attempt === this.config.retryAttempts) {
+                    break; // Don't wait after the last attempt
+                }
+                // Exponential backoff with jitter
+                const delay = Math.pow(2, attempt) * 1000 + Math.random() * 1000;
+                await new Promise(resolve => setTimeout(resolve, delay));
+            }
+        }
+        throw new error_handler_1.StorageError(`Failed to fetch ${url} after ${this.config.retryAttempts} attempts: ${lastError?.message}`, 'network-timeout');
+    }
+    async parseResponse(response) {
+        try {
+            const text = await response.text();
+            if (!text) {
+                throw new error_handler_1.StorageError('Empty response from remote registry', 'parse-error');
+            }
+            return JSON.parse(text);
+        }
+        catch (error) {
+            if (error instanceof error_handler_1.StorageError) {
+                throw error;
+            }
+            throw new error_handler_1.StorageError(`Failed to parse response from remote registry: ${error.message}`, 'parse-error');
+        }
+    }
+    validateWorkflows(workflows) {
+        if (!Array.isArray(workflows)) {
+            throw new error_handler_1.StorageError('Remote registry returned invalid workflows data', 'validation-error');
+        }
+        return workflows.filter((workflow) => {
+            try {
+                // Basic validation - detailed validation should be handled by schema validator decorator
+                if (!workflow || typeof workflow !== 'object') {
+                    return false;
+                }
+                const wf = workflow;
+                if (!wf.id || !wf.name || !wf.steps) {
+                    return false;
+                }
+                // Validate the ID is safe
+                (0, storage_security_1.sanitizeId)(wf.id);
+                return true;
+            }
+            catch {
+                return false; // Skip invalid workflows
+            }
+        });
+    }
+    validateSummaries(summaries) {
+        if (!Array.isArray(summaries)) {
+            throw new error_handler_1.StorageError('Remote registry returned invalid summaries data', 'validation-error');
+        }
+        return summaries.filter((summary) => {
+            try {
+                if (!summary || typeof summary !== 'object') {
+                    return false;
+                }
+                const s = summary;
+                if (!s.id || !s.name) {
+                    return false;
+                }
+                // Validate the ID is safe
+                (0, storage_security_1.sanitizeId)(s.id);
+                return true;
+            }
+            catch {
+                return false;
+            }
+        });
+    }
+    validateWorkflowForSave(workflow) {
+        if (!workflow || typeof workflow !== 'object') {
+            throw new error_handler_1.InvalidWorkflowError('unknown', 'Workflow must be a valid object');
+        }
+        if (!workflow.id || !workflow.name || !workflow.steps) {
+            throw new error_handler_1.InvalidWorkflowError(workflow.id || 'unknown', 'Workflow must have id, name, and steps');
+        }
+        // Sanitize the ID
+        const sanitizedId = (0, storage_security_1.sanitizeId)(workflow.id);
+        return {
+            ...workflow,
+            id: sanitizedId
+        };
+    }
+}
+exports.RemoteWorkflowStorage = RemoteWorkflowStorage;
+/**
+ * Multi-source workflow storage that combines bundled, local, and remote workflows.
+ * Uses composition to cleanly separate concerns.
+ */
+class CommunityWorkflowStorage {
+    sources;
+    remoteStorage;
+    constructor(bundledStorage, localStorage, remoteConfig) {
+        this.remoteStorage = new RemoteWorkflowStorage(remoteConfig);
+        this.sources = [bundledStorage, localStorage, this.remoteStorage];
+    }
+    async loadAllWorkflows() {
+        const allWorkflows = [];
+        const seenIds = new Set();
+        // Load from all sources, with later sources taking precedence
+        for (const source of this.sources) {
+            try {
+                const workflows = await source.loadAllWorkflows();
+                for (const workflow of workflows) {
+                    if (seenIds.has(workflow.id)) {
+                        // Replace existing workflow with same ID
+                        const existingIndex = allWorkflows.findIndex(wf => wf.id === workflow.id);
+                        if (existingIndex >= 0) {
+                            allWorkflows[existingIndex] = workflow;
+                        }
+                    }
+                    else {
+                        allWorkflows.push(workflow);
+                        seenIds.add(workflow.id);
+                    }
+                }
+            }
+            catch (error) {
+                // For storage sources, we want to continue even if one fails
+                // This is intentional graceful degradation behavior
+                if (error instanceof error_handler_1.StorageError) {
+                    console.warn(`Storage source failed (graceful degradation):`, error.message);
+                }
+                else {
+                    console.warn(`Unexpected error from storage source:`, error);
+                }
+            }
+        }
+        return allWorkflows;
+    }
+    async getWorkflowById(id) {
+        try {
+            const sanitizedId = (0, storage_security_1.sanitizeId)(id);
+            // Search in reverse order (later sources take precedence)
+            for (let i = this.sources.length - 1; i >= 0; i--) {
+                try {
+                    const workflow = await this.sources[i].getWorkflowById(sanitizedId);
+                    if (workflow) {
+                        return workflow;
+                    }
+                }
+                catch (error) {
+                    // Continue searching other sources if one fails
+                    if (error instanceof error_handler_1.StorageError) {
+                        console.warn(`Storage source failed for workflow ${sanitizedId}:`, error.message);
+                    }
+                    else {
+                        console.warn(`Unexpected error from storage source for workflow ${sanitizedId}:`, error);
+                    }
+                }
+            }
+            return null;
+        }
+        catch (error) {
+            if (error instanceof error_handler_1.SecurityError || error instanceof error_handler_1.InvalidWorkflowError) {
+                throw error; // Don't continue with invalid IDs
+            }
+            throw new error_handler_1.StorageError(`Failed to retrieve workflow ${id}: ${error.message}`, 'multi-source-error');
+        }
+    }
+    async listWorkflowSummaries() {
+        // Reuse loadAllWorkflows for consistency and caching benefits
+        const workflows = await this.loadAllWorkflows();
+        return workflows.map(workflow => ({
+            id: workflow.id,
+            name: workflow.name,
+            description: workflow.description,
+            category: 'community',
+            version: workflow.version
+        }));
+    }
+    async save(workflow) {
+        // Delegate to remote storage for publishing
+        return this.remoteStorage.save(workflow);
+    }
+}
+exports.CommunityWorkflowStorage = CommunityWorkflowStorage;
+//# sourceMappingURL=remote-workflow-storage.js.map

package/dist/infrastructure/storage/remote-workflow-storage.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"remote-workflow-storage.js","sourceRoot":"","sources":["../../../src/infrastructure/storage/remote-workflow-storage.ts"],"names":[],"mappings":";;;AAEA,mEAKsC;AACtC,4DAA6F;AAkB7F;;;;GAIG;AACH,MAAa,qBAAqB;IACf,MAAM,CAAyC;IAC/C,eAAe,CAAmC;IAEnE,YAAY,MAAoC;QAC9C,wCAAwC;QACxC,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QAC5B,IAAI,CAAC,eAAe,GAAG,IAAA,0CAAuB,EAAC,MAAM,CAAC,CAAC;QAEvD,IAAI,CAAC,MAAM,GAAG;YACZ,GAAG,IAAI,CAAC,eAAe;YACvB,OAAO,EAAE,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,EAAE,wBAAwB;YACpE,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,EAAE;YAC3B,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,KAAK;YAChC,aAAa,EAAE,MAAM,CAAC,aAAa,IAAI,CAAC;YACxC,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,yBAAyB;SACzD,CAAC;IACJ,CAAC;IAEO,cAAc,CAAC,MAAoC;QACzD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,IAAI,6BAAa,CAAC,wCAAwC,EAAE,mBAAmB,CAAC,CAAC;QACzF,CAAC;QAED,wBAAwB;QACxB,IAAA,oCAAiB,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAElC,2EAA2E;QAC3E,IAAI,MAAM,CAAC,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,GAAG,GAAG,IAAI,MAAM,CAAC,OAAO,GAAG,KAAK,CAAC,EAAE,CAAC;YACvE,MAAM,IAAI,6BAAa,CAAC,2CAA2C,EAAE,mBAAmB,CAAC,CAAC;QAC5F,CAAC;QAED,IAAI,MAAM,CAAC,aAAa,IAAI,CAAC,MAAM,CAAC,aAAa,GAAG,CAAC,IAAI,MAAM,CAAC,aAAa,GAAG,EAAE,CAAC,EAAE,CAAC;YACpF,MAAM,IAAI,6BAAa,CAAC,wCAAwC,EAAE,mBAAmB,CAAC,CAAC;QACzF,CAAC;IACH,CAAC;IAED,KAAK,CAAC,gBAAgB;QACpB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;YACzD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,aAAa,CAA+B,QAAQ,CAAC,CAAC;YAE9E,oCAAoC;YACpC,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC;YACpD,OAAO,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAC3C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,6BAAa,IAAI,KAAK,YAAY,4BAAY,EAAE,CAAC;gBACpE,MAAM,KAAK,CAAC,CAAC,wBAAwB;YACvC,CAAC;YAED,sEAAsE;YACtE,MAAM,IAAI,4BAAY,CACpB,kDAAmD,KAAe,CAAC,OAAO,EAAE,EAC5E,cAAc,CACf,CAAC;QACJ,CAAC;IACH,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,EAAU;QAC9B,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,IAAA,6BAAU,EAAC,EAAE,CAAC,CAAC;YACnC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,kBAAkB,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;YAE5F,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;oBAC5B,OAAO,IAAI,CAAC,CAAC,qBAAqB;gBACpC,CAAC;gBACD,MAAM,IAAI,4BAAY,CACpB,4BAA4B,QAAQ,CAAC,MAAM,KAAK,QAAQ,CAAC,UAAU,EAAE,EACrE,cAAc,CACf,CAAC;YACJ,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAW,QAAQ,CAAC,CAAC;YAE9D,4DAA4D;YAC5D,IAAI,QAAQ,CAAC,EAAE,KAAK,WAAW,EAAE,CAAC;gBAChC,MAAM,IAAI,oCAAoB,CAC5B,WAAW,EACX,kDAAkD,QAAQ,CAAC,EAAE,EAAE,CAChE,CAAC;YACJ,CAAC;YAED,OAAO,QAAQ,CAAC;QAClB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,6BAAa;gBAC9B,KAAK,YAAY,4BAAY;gBAC7B,KAAK,YAAY,oCAAoB,EAAE,CAAC;gBAC1C,MAAM,KAAK,CAAC;YACd,CAAC;YAED,MAAM,IAAI,4BAAY,CACpB,2BAA2B,EAAE,0BAA2B,KAAe,CAAC,OAAO,EAAE,EACjF,cAAc,CACf,CAAC;QACJ,CAAC;IACH,CAAC;IAED,KAAK,CAAC,qBAAqB;QACzB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,sBAAsB,CAAC,CAAC;YACnE,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,aAAa,CAAsC,QAAQ,CAAC,CAAC;YAErF,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC;YACpD,OAAO,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAC3C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,6BAAa,IAAI,KAAK,YAAY,4BAAY,EAAE,CAAC;gBACpE,MAAM,KAAK,CAAC;YACd,CAAC;YAED,MAAM,IAAI,4BAAY,CACpB,2DAA4D,KAAe,CAAC,OAAO,EAAE,EACrF,cAAc,CACf,CAAC;QACJ,CAAC;IACH,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,QAAkB;QAC3B,IAAI,CAAC;YACH,MAAM,iBAAiB,GAAG,IAAI,CAAC,uBAAuB,CAAC,QAAQ,CAAC,CAAC;YAEjE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE;gBACvD,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,eAAe,EAAE,UAAU,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC;iBAC/E;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC;aACxC,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,aAAa,CAA0B,QAAQ,CAAC,CAAC;gBAC9E,MAAM,IAAI,4BAAY,CACpB,+BAA+B,SAAS,CAAC,OAAO,IAAI,SAAS,CAAC,KAAK,IAAI,eAAe,EAAE,EACxF,aAAa,CACd,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,6BAAa;gBAC9B,KAAK,YAAY,4BAAY;gBAC7B,KAAK,YAAY,oCAAoB,EAAE,CAAC;gBAC1C,MAAM,KAAK,CAAC;YACd,CAAC;YAED,MAAM,IAAI,4BAAY,CACpB,+CAAgD,KAAe,CAAC,OAAO,EAAE,EACzE,aAAa,CACd,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,cAAc,CAAC,IAAY,EAAE,OAAqB;QAC9D,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,GAAG,IAAI,EAAE,CAAC;QAC5C,IAAI,SAAS,GAAiB,IAAI,CAAC;QAEnC,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,OAAO,EAAE,EAAE,CAAC;YACtE,IAAI,CAAC;gBACH,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;gBACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;gBAE5E,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;oBAChC,GAAG,OAAO;oBACV,MAAM,EAAE,UAAU,CAAC,MAAM;oBACzB,OAAO,EAAE;wBACP,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;wBACnC,QAAQ,EAAE,kBAAkB;wBAC5B,GAAG,OAAO,EAAE,OAAO;qBACpB;iBACF,CAAC,CAAC;gBAEH,YAAY,CAAC,SAAS,CAAC,CAAC;gBACxB,OAAO,QAAQ,CAAC;YAClB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,SAAS,GAAG,KAAc,CAAC;gBAE3B,IAAI,OAAO,KAAK,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;oBAC1C,MAAM,CAAC,oCAAoC;gBAC7C,CAAC;gBAED,kCAAkC;gBAClC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC;gBACjE,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;YAC3D,CAAC;QACH,CAAC;QAED,MAAM,IAAI,4BAAY,CACpB,mBAAmB,GAAG,UAAU,IAAI,CAAC,MAAM,CAAC,aAAa,cAAc,SAAS,EAAE,OAAO,EAAE,EAC3F,iBAAiB,CAClB,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,aAAa,CAAI,QAAkB;QAC/C,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAEnC,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,MAAM,IAAI,4BAAY,CAAC,qCAAqC,EAAE,aAAa,CAAC,CAAC;YAC/E,CAAC;YAED,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAM,CAAC;QAC/B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,4BAAY,EAAE,CAAC;gBAClC,MAAM,KAAK,CAAC;YACd,CAAC;YAED,MAAM,IAAI,4BAAY,CACpB,kDAAmD,KAAe,CAAC,OAAO,EAAE,EAC5E,aAAa,CACd,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,iBAAiB,CAAC,SAAoB;QAC5C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;YAC9B,MAAM,IAAI,4BAAY,CAAC,iDAAiD,EAAE,kBAAkB,CAAC,CAAC;QAChG,CAAC;QAED,OAAO,SAAS,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,EAAE;YACnC,IAAI,CAAC;gBACH,yFAAyF;gBACzF,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;oBAC9C,OAAO,KAAK,CAAC;gBACf,CAAC;gBAED,MAAM,EAAE,GAAG,QAAe,CAAC;gBAC3B,IAAI,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;oBACpC,OAAO,KAAK,CAAC;gBACf,CAAC;gBAED,0BAA0B;gBAC1B,IAAA,6BAAU,EAAC,EAAE,CAAC,EAAE,CAAC,CAAC;gBAClB,OAAO,IAAI,CAAC;YACd,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,KAAK,CAAC,CAAC,yBAAyB;YACzC,CAAC;QACH,CAAC,CAAe,CAAC;IACnB,CAAC;IAEO,iBAAiB,CAAC,SAAoB;QAC5C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;YAC9B,MAAM,IAAI,4BAAY,CAAC,iDAAiD,EAAE,kBAAkB,CAAC,CAAC;QAChG,CAAC;QAED,OAAO,SAAS,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE;YAClC,IAAI,CAAC;gBACH,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;oBAC5C,OAAO,KAAK,CAAC;gBACf,CAAC;gBAED,MAAM,CAAC,GAAG,OAAc,CAAC;gBACzB,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;oBACrB,OAAO,KAAK,CAAC;gBACf,CAAC;gBAED,0BAA0B;gBAC1B,IAAA,6BAAU,EAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBACjB,OAAO,IAAI,CAAC;YACd,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC,CAAsB,CAAC;IAC1B,CAAC;IAEO,uBAAuB,CAAC,QAAkB;QAChD,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC9C,MAAM,IAAI,oCAAoB,CAAC,SAAS,EAAE,iCAAiC,CAAC,CAAC;QAC/E,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;YACtD,MAAM,IAAI,oCAAoB,CAC5B,QAAQ,CAAC,EAAE,IAAI,SAAS,EACxB,wCAAwC,CACzC,CAAC;QACJ,CAAC;QAED,kBAAkB;QAClB,MAAM,WAAW,GAAG,IAAA,6BAAU,EAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAE5C,OAAO;YACL,GAAG,QAAQ;YACX,EAAE,EAAE,WAAW;SAChB,CAAC;IACJ,CAAC;CACF;AA3RD,sDA2RC;AAED;;;GAGG;AACH,MAAa,wBAAwB;IAClB,OAAO,CAAqB;IAC5B,aAAa,CAAwB;IAEtD,YACE,cAAgC,EAChC,YAA8B,EAC9B,YAA0C;QAE1C,IAAI,CAAC,aAAa,GAAG,IAAI,qBAAqB,CAAC,YAAY,CAAC,CAAC;QAC7D,IAAI,CAAC,OAAO,GAAG,CAAC,cAAc,EAAE,YAAY,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;IACpE,CAAC;IAED,KAAK,CAAC,gBAAgB;QACpB,MAAM,YAAY,GAAe,EAAE,CAAC;QACpC,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;QAElC,8DAA8D;QAC9D,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YAClC,IAAI,CAAC;gBACH,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,gBAAgB,EAAE,CAAC;gBAElD,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;oBACjC,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;wBAC7B,yCAAyC;wBACzC,MAAM,aAAa,GAAG,YAAY,CAAC,SAAS,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,QAAQ,CAAC,EAAE,CAAC,CAAC;wBAC1E,IAAI,aAAa,IAAI,CAAC,EAAE,CAAC;4BACvB,YAAY,CAAC,aAAa,CAAC,GAAG,QAAQ,CAAC;wBACzC,CAAC;oBACH,CAAC;yBAAM,CAAC;wBACN,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;wBAC5B,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;oBAC3B,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,6DAA6D;gBAC7D,oDAAoD;gBACpD,IAAI,KAAK,YAAY,4BAAY,EAAE,CAAC;oBAClC,OAAO,CAAC,IAAI,CAAC,+CAA+C,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;gBAC/E,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,IAAI,CAAC,uCAAuC,EAAE,KAAK,CAAC,CAAC;gBAC/D,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,EAAU;QAC9B,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,IAAA,6BAAU,EAAC,EAAE,CAAC,CAAC;YAEnC,0DAA0D;YAC1D,KAAK,IAAI,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;gBAClD,IAAI,CAAC;oBACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC,CAAE,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC;oBACrE,IAAI,QAAQ,EAAE,CAAC;wBACb,OAAO,QAAQ,CAAC;oBAClB,CAAC;gBACH,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,gDAAgD;oBAChD,IAAI,KAAK,YAAY,4BAAY,EAAE,CAAC;wBAClC,OAAO,CAAC,IAAI,CAAC,sCAAsC,WAAW,GAAG,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;oBACpF,CAAC;yBAAM,CAAC;wBACN,OAAO,CAAC,IAAI,CAAC,qDAAqD,WAAW,GAAG,EAAE,KAAK,CAAC,CAAC;oBAC3F,CAAC;gBACH,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,6BAAa,IAAI,KAAK,YAAY,oCAAoB,EAAE,CAAC;gBAC5E,MAAM,KAAK,CAAC,CAAC,kCAAkC;YACjD,CAAC;YAED,MAAM,IAAI,4BAAY,CACpB,+BAA+B,EAAE,KAAM,KAAe,CAAC,OAAO,EAAE,EAChE,oBAAoB,CACrB,CAAC;QACJ,CAAC;IACH,CAAC;IAED,KAAK,CAAC,qBAAqB;QACzB,8DAA8D;QAC9D,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAChD,OAAO,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;YAChC,EAAE,EAAE,QAAQ,CAAC,EAAE;YACf,IAAI,EAAE,QAAQ,CAAC,IAAI;YACnB,WAAW,EAAE,QAAQ,CAAC,WAAW;YACjC,QAAQ,EAAE,WAAW;YACrB,OAAO,EAAE,QAAQ,CAAC,OAAO;SAC1B,CAAC,CAAC,CAAC;IACN,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,QAAkB;QAC3B,4CAA4C;QAC5C,OAAO,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC3C,CAAC;CACF;AAlGD,4DAkGC"}

package/dist/tools/mcp_initialize.js CHANGED Viewed

@@ -43,7 +43,7 @@ async function initializeHandler(request) {
             },
             serverInfo: {
                 name: 'workflow-lookup',
-                version: '0.0.1',
+                version: '1.0.0',
                 description: 'MCP server for workflow orchestration and guidance'
             }
         }

package/dist/utils/storage-security.d.ts ADDED Viewed

@@ -0,0 +1,74 @@
+/**
+ * Storage security utilities extracted from FileWorkflowStorage patterns
+ * for consistent security across all storage implementations.
+ */
+/**
+ * Sanitize and validate workflow identifiers for security.
+ * Prevents null byte injection and enforces valid character set.
+ *
+ * @param id - The workflow identifier to validate
+ * @returns Normalized and validated identifier
+ * @throws SecurityError for null bytes
+ * @throws InvalidWorkflowError for invalid characters
+ */
+export declare function sanitizeId(id: string): string;
+/**
+ * Assert that a resolved path stays within the specified base directory.
+ * Prevents path traversal attacks by ensuring no directory escape.
+ *
+ * @param resolvedPath - The fully resolved absolute path to check
+ * @param baseDir - The base directory that should contain the path
+ * @throws SecurityError if path escapes the base directory
+ */
+export declare function assertWithinBase(resolvedPath: string, baseDir: string): void;
+/**
+ * Validate file size against security limits.
+ * Prevents resource exhaustion and DoS attacks via oversized files.
+ *
+ * @param fileSize - Size of the file in bytes
+ * @param maxSize - Maximum allowed size in bytes
+ * @param context - Context for error reporting (e.g., filename)
+ * @throws SecurityError if file exceeds size limit
+ */
+export declare function validateFileSize(fileSize: number, maxSize: number, context?: string): void;
+/**
+ * Sanitize and resolve a file path safely within a base directory.
+ * Combines path resolution with base directory validation.
+ *
+ * @param basePath - The base directory
+ * @param relativePath - The relative path to resolve
+ * @returns Safely resolved absolute path
+ * @throws SecurityError if the resolved path escapes the base
+ */
+export declare function securePathResolve(basePath: string, relativePath: string): string;
+/**
+ * Validate URL security for remote storage implementations.
+ * Ensures URLs use safe protocols and don't target local resources.
+ *
+ * @param url - The URL to validate
+ * @throws SecurityError for unsafe URLs
+ */
+export declare function validateSecureUrl(url: string): void;
+/**
+ * Common security options interface for storage implementations.
+ */
+export interface StorageSecurityOptions {
+    /** Maximum file size in bytes (default: 1MB) */
+    maxFileSizeBytes?: number;
+    /** Whether to allow HTTP URLs (default: false, HTTPS only) */
+    allowHttp?: boolean;
+    /** Custom allowed URL patterns (advanced use) */
+    allowedUrlPatterns?: RegExp[];
+}
+/**
+ * Default security configuration following FileWorkflowStorage patterns.
+ */
+export declare const DEFAULT_SECURITY_OPTIONS: Required<StorageSecurityOptions>;
+/**
+ * Validate security options and apply defaults.
+ *
+ * @param options - User-provided security options
+ * @returns Validated options with defaults applied
+ */
+export declare function validateSecurityOptions(options?: StorageSecurityOptions): Required<StorageSecurityOptions>;
+//# sourceMappingURL=storage-security.d.ts.map

package/dist/utils/storage-security.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"storage-security.d.ts","sourceRoot":"","sources":["../../src/utils/storage-security.ts"],"names":[],"mappings":"AAGA;;;GAGG;AAEH;;;;;;;;GAQG;AACH,wBAAgB,UAAU,CAAC,EAAE,EAAE,MAAM,GAAG,MAAM,CAW7C;AAED;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAAC,YAAY,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,IAAI,CAI5E;AAED;;;;;;;;GAQG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAQ1F;AAED;;;;;;;;GAQG;AACH,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,MAAM,CAIhF;AAED;;;;;;GAMG;AACH,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI,CA8BnD;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,gDAAgD;IAChD,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,8DAA8D;IAC9D,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,iDAAiD;IACjD,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC/B;AAED;;GAEG;AACH,eAAO,MAAM,wBAAwB,EAAE,QAAQ,CAAC,sBAAsB,CAIrE,CAAC;AAEF;;;;;GAKG;AACH,wBAAgB,uBAAuB,CAAC,OAAO,GAAE,sBAA2B,GAAG,QAAQ,CAAC,sBAAsB,CAAC,CAY9G"}

package/dist/utils/storage-security.js ADDED Viewed

@@ -0,0 +1,134 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DEFAULT_SECURITY_OPTIONS = void 0;
+exports.sanitizeId = sanitizeId;
+exports.assertWithinBase = assertWithinBase;
+exports.validateFileSize = validateFileSize;
+exports.securePathResolve = securePathResolve;
+exports.validateSecureUrl = validateSecureUrl;
+exports.validateSecurityOptions = validateSecurityOptions;
+const tslib_1 = require("tslib");
+const path_1 = tslib_1.__importDefault(require("path"));
+const error_handler_1 = require("../core/error-handler");
+/**
+ * Storage security utilities extracted from FileWorkflowStorage patterns
+ * for consistent security across all storage implementations.
+ */
+/**
+ * Sanitize and validate workflow identifiers for security.
+ * Prevents null byte injection and enforces valid character set.
+ *
+ * @param id - The workflow identifier to validate
+ * @returns Normalized and validated identifier
+ * @throws SecurityError for null bytes
+ * @throws InvalidWorkflowError for invalid characters
+ */
+function sanitizeId(id) {
+    if (id.includes('\u0000')) {
+        throw new error_handler_1.SecurityError('Null byte detected in identifier', 'sanitizeId');
+    }
+    const normalised = id.normalize('NFC');
+    const valid = /^[a-zA-Z0-9_-]+$/.test(normalised);
+    if (!valid) {
+        throw new error_handler_1.InvalidWorkflowError(id, 'Invalid characters in workflow id');
+    }
+    return normalised;
+}
+/**
+ * Assert that a resolved path stays within the specified base directory.
+ * Prevents path traversal attacks by ensuring no directory escape.
+ *
+ * @param resolvedPath - The fully resolved absolute path to check
+ * @param baseDir - The base directory that should contain the path
+ * @throws SecurityError if path escapes the base directory
+ */
+function assertWithinBase(resolvedPath, baseDir) {
+    if (!resolvedPath.startsWith(baseDir + path_1.default.sep) && resolvedPath !== baseDir) {
+        throw new error_handler_1.SecurityError('Path escapes storage sandbox', 'file-access');
+    }
+}
+/**
+ * Validate file size against security limits.
+ * Prevents resource exhaustion and DoS attacks via oversized files.
+ *
+ * @param fileSize - Size of the file in bytes
+ * @param maxSize - Maximum allowed size in bytes
+ * @param context - Context for error reporting (e.g., filename)
+ * @throws SecurityError if file exceeds size limit
+ */
+function validateFileSize(fileSize, maxSize, context) {
+    if (fileSize > maxSize) {
+        const contextStr = context ? ` (${context})` : '';
+        throw new error_handler_1.SecurityError(`File exceeds size limit of ${maxSize} bytes${contextStr}`, 'file-size');
+    }
+}
+/**
+ * Sanitize and resolve a file path safely within a base directory.
+ * Combines path resolution with base directory validation.
+ *
+ * @param basePath - The base directory
+ * @param relativePath - The relative path to resolve
+ * @returns Safely resolved absolute path
+ * @throws SecurityError if the resolved path escapes the base
+ */
+function securePathResolve(basePath, relativePath) {
+    const resolvedPath = path_1.default.resolve(basePath, relativePath);
+    assertWithinBase(resolvedPath, basePath);
+    return resolvedPath;
+}
+/**
+ * Validate URL security for remote storage implementations.
+ * Ensures URLs use safe protocols and don't target local resources.
+ *
+ * @param url - The URL to validate
+ * @throws SecurityError for unsafe URLs
+ */
+function validateSecureUrl(url) {
+    try {
+        const parsed = new URL(url);
+        // Only allow HTTPS and HTTP protocols
+        if (!['https:', 'http:'].includes(parsed.protocol)) {
+            throw new error_handler_1.SecurityError(`Unsafe protocol: ${parsed.protocol}. Only HTTP/HTTPS allowed`, 'url-validation');
+        }
+        // Prevent localhost and private IP access
+        const hostname = parsed.hostname.toLowerCase();
+        if (hostname === 'localhost' ||
+            hostname === '127.0.0.1' ||
+            hostname.startsWith('192.168.') ||
+            hostname.startsWith('10.') ||
+            hostname.startsWith('172.')) {
+            throw new error_handler_1.SecurityError('Access to local/private networks not allowed', 'url-validation');
+        }
+    }
+    catch (error) {
+        if (error instanceof error_handler_1.SecurityError) {
+            throw error;
+        }
+        throw new error_handler_1.SecurityError(`Invalid URL format: ${url}`, 'url-validation');
+    }
+}
+/**
+ * Default security configuration following FileWorkflowStorage patterns.
+ */
+exports.DEFAULT_SECURITY_OPTIONS = {
+    maxFileSizeBytes: 1_000_000, // 1 MB
+    allowHttp: false,
+    allowedUrlPatterns: []
+};
+/**
+ * Validate security options and apply defaults.
+ *
+ * @param options - User-provided security options
+ * @returns Validated options with defaults applied
+ */
+function validateSecurityOptions(options = {}) {
+    const validated = { ...exports.DEFAULT_SECURITY_OPTIONS, ...options };
+    if (validated.maxFileSizeBytes <= 0) {
+        throw new error_handler_1.SecurityError('maxFileSizeBytes must be positive', 'config-validation');
+    }
+    if (validated.maxFileSizeBytes > 100_000_000) { // 100MB upper limit
+        throw new error_handler_1.SecurityError('maxFileSizeBytes exceeds reasonable limit (100MB)', 'config-validation');
+    }
+    return validated;
+}
+//# sourceMappingURL=storage-security.js.map

package/dist/utils/storage-security.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"storage-security.js","sourceRoot":"","sources":["../../src/utils/storage-security.ts"],"names":[],"mappings":";;;AAiBA,gCAWC;AAUD,4CAIC;AAWD,4CAQC;AAWD,8CAIC;AASD,8CA8BC;AA6BD,0DAYC;;AA5JD,wDAAwB;AACxB,yDAA4E;AAE5E;;;GAGG;AAEH;;;;;;;;GAQG;AACH,SAAgB,UAAU,CAAC,EAAU;IACnC,IAAI,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,MAAM,IAAI,6BAAa,CAAC,kCAAkC,EAAE,YAAY,CAAC,CAAC;IAC5E,CAAC;IAED,MAAM,UAAU,GAAG,EAAE,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;IACvC,MAAM,KAAK,GAAG,kBAAkB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAClD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,oCAAoB,CAAC,EAAE,EAAE,mCAAmC,CAAC,CAAC;IAC1E,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;;;;;;GAOG;AACH,SAAgB,gBAAgB,CAAC,YAAoB,EAAE,OAAe;IACpE,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,GAAG,cAAI,CAAC,GAAG,CAAC,IAAI,YAAY,KAAK,OAAO,EAAE,CAAC;QAC7E,MAAM,IAAI,6BAAa,CAAC,8BAA8B,EAAE,aAAa,CAAC,CAAC;IACzE,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,SAAgB,gBAAgB,CAAC,QAAgB,EAAE,OAAe,EAAE,OAAgB;IAClF,IAAI,QAAQ,GAAG,OAAO,EAAE,CAAC;QACvB,MAAM,UAAU,GAAG,OAAO,CAAC,CAAC,CAAC,KAAK,OAAO,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAClD,MAAM,IAAI,6BAAa,CACrB,8BAA8B,OAAO,SAAS,UAAU,EAAE,EAC1D,WAAW,CACZ,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,SAAgB,iBAAiB,CAAC,QAAgB,EAAE,YAAoB;IACtE,MAAM,YAAY,GAAG,cAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAC1D,gBAAgB,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;IACzC,OAAO,YAAY,CAAC;AACtB,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,iBAAiB,CAAC,GAAW;IAC3C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAE5B,sCAAsC;QACtC,IAAI,CAAC,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;YACnD,MAAM,IAAI,6BAAa,CACrB,oBAAoB,MAAM,CAAC,QAAQ,2BAA2B,EAC9D,gBAAgB,CACjB,CAAC;QACJ,CAAC;QAED,0CAA0C;QAC1C,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;QAC/C,IAAI,QAAQ,KAAK,WAAW;YACxB,QAAQ,KAAK,WAAW;YACxB,QAAQ,CAAC,UAAU,CAAC,UAAU,CAAC;YAC/B,QAAQ,CAAC,UAAU,CAAC,KAAK,CAAC;YAC1B,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YAChC,MAAM,IAAI,6BAAa,CACrB,8CAA8C,EAC9C,gBAAgB,CACjB,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,6BAAa,EAAE,CAAC;YACnC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,MAAM,IAAI,6BAAa,CAAC,uBAAuB,GAAG,EAAE,EAAE,gBAAgB,CAAC,CAAC;IAC1E,CAAC;AACH,CAAC;AAcD;;GAEG;AACU,QAAA,wBAAwB,GAAqC;IACxE,gBAAgB,EAAE,SAAS,EAAE,OAAO;IACpC,SAAS,EAAE,KAAK;IAChB,kBAAkB,EAAE,EAAE;CACvB,CAAC;AAEF;;;;;GAKG;AACH,SAAgB,uBAAuB,CAAC,UAAkC,EAAE;IAC1E,MAAM,SAAS,GAAG,EAAE,GAAG,gCAAwB,EAAE,GAAG,OAAO,EAAE,CAAC;IAE9D,IAAI,SAAS,CAAC,gBAAgB,IAAI,CAAC,EAAE,CAAC;QACpC,MAAM,IAAI,6BAAa,CAAC,mCAAmC,EAAE,mBAAmB,CAAC,CAAC;IACpF,CAAC;IAED,IAAI,SAAS,CAAC,gBAAgB,GAAG,WAAW,EAAE,CAAC,CAAC,oBAAoB;QAClE,MAAM,IAAI,6BAAa,CAAC,mDAAmD,EAAE,mBAAmB,CAAC,CAAC;IACpG,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@exaudeus/workrail",
-  "version": "0.0.12",
+  "version": "0.0.13",
   "description": "MCP server for structured workflow orchestration and step-by-step task guidance",
   "license": "MIT",
   "bin": {