npm - @gethmy/mcp - Versions diffs - 2.4.4 → 2.4.7 - Mend

@gethmy/mcp 2.4.4 → 2.4.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/dist/cli.js +56 -12
package/dist/index.js +56 -12
package/dist/lib/api-client.js +29 -1
package/dist/lib/config.js +5 -1
package/package.json +1 -1
package/src/__tests__/memory-audit.test.ts +83 -1
package/src/__tests__/remote-routing.test.ts +285 -0
package/src/api-client.ts +40 -1
package/src/memory-audit.ts +36 -16
package/src/remote.ts +318 -56

package/dist/cli.js CHANGED Viewed

@@ -5,25 +5,43 @@ var __getProtoOf = Object.getPrototypeOf;
 var __defProp = Object.defineProperty;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
+function __accessProp(key) {
+  return this[key];
+}
+var __toESMCache_node;
+var __toESMCache_esm;
 var __toESM = (mod, isNodeMode, target) => {
+  var canCache = mod != null && typeof mod === "object";
+  if (canCache) {
+    var cache = isNodeMode ? __toESMCache_node ??= new WeakMap : __toESMCache_esm ??= new WeakMap;
+    var cached = cache.get(mod);
+    if (cached)
+      return cached;
+  }
   target = mod != null ? __create(__getProtoOf(mod)) : {};
   const to = isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target;
   for (let key of __getOwnPropNames(mod))
     if (!__hasOwnProp.call(to, key))
       __defProp(to, key, {
-        get: () => mod[key],
+        get: __accessProp.bind(mod, key),
         enumerable: true
       });
+  if (canCache)
+    cache.set(mod, to);
   return to;
 };
 var __commonJS = (cb, mod) => () => (mod || cb((mod = { exports: {} }).exports, mod), mod.exports);
+var __returnValue = (v) => v;
+function __exportSetter(name, newValue) {
+  this[name] = __returnValue.bind(null, newValue);
+}
 var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, {
       get: all[name],
       enumerable: true,
       configurable: true,
-      set: (newValue) => all[name] = () => newValue
+      set: __exportSetter.bind(all, name)
     });
 };
 var __esm = (fn, res) => () => (fn && (res = fn(fn = 0)), res);
@@ -8942,7 +8960,7 @@ var require_formats = __commonJS((exports) => {
   }
   var TIME = /^(\d\d):(\d\d):(\d\d(?:\.\d+)?)(z|([+-])(\d\d)(?::?(\d\d))?)?$/i;
   function getTime(strictTimeZone) {
-    return function time(str) {
+    return function time3(str) {
       const matches = TIME.exec(str);
       if (!matches)
         return false;
@@ -27052,16 +27070,31 @@ async function requestWithBearer(apiUrl, bearerToken, method, path, body) {
   return result;
 }
+class HarmonyUnauthorizedError extends Error {
+  constructor(message = "Invalid or expired credentials") {
+    super(message);
+    this.name = "HarmonyUnauthorizedError";
+  }
+}
 class HarmonyApiClient {
   apiKey;
   apiUrl;
+  onUnauthorized;
   constructor(options) {
     this.apiKey = options?.apiKey ?? getApiKey();
     this.apiUrl = options?.apiUrl ?? getApiUrl();
+    this.onUnauthorized = options?.onUnauthorized;
   }
   getApiUrl() {
     return this.apiUrl;
   }
+  setApiKey(apiKey) {
+    this.apiKey = apiKey;
+  }
+  getApiKey() {
+    return this.apiKey;
+  }
   async request(method, path, body, options) {
     await requestSemaphore.acquire();
     try {
@@ -27108,6 +27141,10 @@ class HarmonyApiClient {
         }
         if (!response.ok) {
           const errorMsg = data?.error || (looksLikeJson ? null : `API error: ${response.status} (non-JSON response)`) || `API error: ${response.status}`;
+          if (response.status === 401) {
+            this.onUnauthorized?.();
+            throw new HarmonyUnauthorizedError(errorMsg);
+          }
           if (!isRetryableError(null, response.status)) {
             throw new Error(errorMsg);
           }
@@ -27157,6 +27194,10 @@ class HarmonyApiClient {
           } catch {
             errorMsg = text || `API error: ${response.status}`;
           }
+          if (response.status === 401) {
+            this.onUnauthorized?.();
+            throw new HarmonyUnauthorizedError(errorMsg);
+          }
           if (!isRetryableError(null, response.status)) {
             throw new Error(errorMsg);
           }
@@ -28088,23 +28129,25 @@ var BATCH_SIZE = 100;
 var CONCURRENCY_LIMIT = 5;
 var BOILERPLATE_PATTERNS = [
   /^todo:?$/i,
-  /^placeholder/i,
+  /^placeholder(\s+\d+|:)?$/i,
   /^\.\.\.$/,
-  /^untitled/i,
-  /^(note|memo|draft)\s*\d*$/i,
+  /^untitled(\s+\d+|:)?$/i,
+  /^(note|memo|draft)\s+\d+$/i,
   /^task transition:/i
 ];
-function isBoilerplate(title, content) {
+function isBoilerplateTitle(title) {
   const t = title.trim();
-  const c = content.trim();
-  if (c.length === 0)
-    return true;
   for (const pat of BOILERPLATE_PATTERNS) {
     if (pat.test(t))
       return true;
   }
   return false;
 }
+function isBoilerplate(title, content) {
+  if (content.trim().length === 0)
+    return true;
+  return isBoilerplateTitle(title);
+}
 function scoreEntity(entity, relationCount, archiveBelow, deleteBelow, staleDraftAgeDays) {
   const now = Date.now();
   const ageDays = (now - Date.parse(entity.created_at)) / MS_PER_DAY;
@@ -28186,10 +28229,11 @@ function scoreEntity(entity, relationCount, archiveBelow, deleteBelow, staleDraf
     legacy = true;
     legacyReasons.push("no graph presence");
   }
+  const boilerplateTitle = isBoilerplateTitle(entity.title);
   let bucket;
-  if (boilerplate && deleteBelow > 0) {
+  if (boilerplateTitle && deleteBelow > 0) {
     bucket = "delete";
-    reasons.push("boilerplate override");
+    reasons.push("boilerplate title override");
   } else if (score < deleteBelow)
     bucket = "delete";
   else if (score < archiveBelow)

package/dist/index.js CHANGED Viewed

@@ -5,25 +5,43 @@ var __getProtoOf = Object.getPrototypeOf;
 var __defProp = Object.defineProperty;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
+function __accessProp(key) {
+  return this[key];
+}
+var __toESMCache_node;
+var __toESMCache_esm;
 var __toESM = (mod, isNodeMode, target) => {
+  var canCache = mod != null && typeof mod === "object";
+  if (canCache) {
+    var cache = isNodeMode ? __toESMCache_node ??= new WeakMap : __toESMCache_esm ??= new WeakMap;
+    var cached = cache.get(mod);
+    if (cached)
+      return cached;
+  }
   target = mod != null ? __create(__getProtoOf(mod)) : {};
   const to = isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target;
   for (let key of __getOwnPropNames(mod))
     if (!__hasOwnProp.call(to, key))
       __defProp(to, key, {
-        get: () => mod[key],
+        get: __accessProp.bind(mod, key),
         enumerable: true
       });
+  if (canCache)
+    cache.set(mod, to);
   return to;
 };
 var __commonJS = (cb, mod) => () => (mod || cb((mod = { exports: {} }).exports, mod), mod.exports);
+var __returnValue = (v) => v;
+function __exportSetter(name, newValue) {
+  this[name] = __returnValue.bind(null, newValue);
+}
 var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, {
       get: all[name],
       enumerable: true,
       configurable: true,
-      set: (newValue) => all[name] = () => newValue
+      set: __exportSetter.bind(all, name)
     });
 };
 var __esm = (fn, res) => () => (fn && (res = fn(fn = 0)), res);
@@ -6849,7 +6867,7 @@ var require_formats = __commonJS((exports) => {
   }
   var TIME = /^(\d\d):(\d\d):(\d\d(?:\.\d+)?)(z|([+-])(\d\d)(?::?(\d\d))?)?$/i;
   function getTime(strictTimeZone) {
-    return function time(str) {
+    return function time3(str) {
       const matches = TIME.exec(str);
       if (!matches)
         return false;
@@ -24812,16 +24830,31 @@ async function requestWithBearer(apiUrl, bearerToken, method, path, body) {
   return result;
 }
+class HarmonyUnauthorizedError extends Error {
+  constructor(message = "Invalid or expired credentials") {
+    super(message);
+    this.name = "HarmonyUnauthorizedError";
+  }
+}
 class HarmonyApiClient {
   apiKey;
   apiUrl;
+  onUnauthorized;
   constructor(options) {
     this.apiKey = options?.apiKey ?? getApiKey();
     this.apiUrl = options?.apiUrl ?? getApiUrl();
+    this.onUnauthorized = options?.onUnauthorized;
   }
   getApiUrl() {
     return this.apiUrl;
   }
+  setApiKey(apiKey) {
+    this.apiKey = apiKey;
+  }
+  getApiKey() {
+    return this.apiKey;
+  }
   async request(method, path, body, options) {
     await requestSemaphore.acquire();
     try {
@@ -24868,6 +24901,10 @@ class HarmonyApiClient {
         }
         if (!response.ok) {
           const errorMsg = data?.error || (looksLikeJson ? null : `API error: ${response.status} (non-JSON response)`) || `API error: ${response.status}`;
+          if (response.status === 401) {
+            this.onUnauthorized?.();
+            throw new HarmonyUnauthorizedError(errorMsg);
+          }
           if (!isRetryableError(null, response.status)) {
             throw new Error(errorMsg);
           }
@@ -24917,6 +24954,10 @@ class HarmonyApiClient {
           } catch {
             errorMsg = text || `API error: ${response.status}`;
           }
+          if (response.status === 401) {
+            this.onUnauthorized?.();
+            throw new HarmonyUnauthorizedError(errorMsg);
+          }
           if (!isRetryableError(null, response.status)) {
             throw new Error(errorMsg);
           }
@@ -25848,23 +25889,25 @@ var BATCH_SIZE = 100;
 var CONCURRENCY_LIMIT = 5;
 var BOILERPLATE_PATTERNS = [
   /^todo:?$/i,
-  /^placeholder/i,
+  /^placeholder(\s+\d+|:)?$/i,
   /^\.\.\.$/,
-  /^untitled/i,
-  /^(note|memo|draft)\s*\d*$/i,
+  /^untitled(\s+\d+|:)?$/i,
+  /^(note|memo|draft)\s+\d+$/i,
   /^task transition:/i
 ];
-function isBoilerplate(title, content) {
+function isBoilerplateTitle(title) {
   const t = title.trim();
-  const c = content.trim();
-  if (c.length === 0)
-    return true;
   for (const pat of BOILERPLATE_PATTERNS) {
     if (pat.test(t))
       return true;
   }
   return false;
 }
+function isBoilerplate(title, content) {
+  if (content.trim().length === 0)
+    return true;
+  return isBoilerplateTitle(title);
+}
 function scoreEntity(entity, relationCount, archiveBelow, deleteBelow, staleDraftAgeDays) {
   const now = Date.now();
   const ageDays = (now - Date.parse(entity.created_at)) / MS_PER_DAY;
@@ -25946,10 +25989,11 @@ function scoreEntity(entity, relationCount, archiveBelow, deleteBelow, staleDraf
     legacy = true;
     legacyReasons.push("no graph presence");
   }
+  const boilerplateTitle = isBoilerplateTitle(entity.title);
   let bucket;
-  if (boilerplate && deleteBelow > 0) {
+  if (boilerplateTitle && deleteBelow > 0) {
     bucket = "delete";
-    reasons.push("boilerplate override");
+    reasons.push("boilerplate title override");
   } else if (score < deleteBelow)
     bucket = "delete";
   else if (score < archiveBelow)

package/dist/lib/api-client.js CHANGED Viewed

@@ -1,11 +1,15 @@
 var __defProp = Object.defineProperty;
+var __returnValue = (v) => v;
+function __exportSetter(name, newValue) {
+  this[name] = __returnValue.bind(null, newValue);
+}
 var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, {
       get: all[name],
       enumerable: true,
       configurable: true,
-      set: (newValue) => all[name] = () => newValue
+      set: __exportSetter.bind(all, name)
     });
 };
 var __esm = (fn, res) => () => (fn && (res = fn(fn = 0)), res);
@@ -1570,16 +1574,31 @@ async function requestWithBearer(apiUrl, bearerToken, method, path, body) {
   return result;
 }
+class HarmonyUnauthorizedError extends Error {
+  constructor(message = "Invalid or expired credentials") {
+    super(message);
+    this.name = "HarmonyUnauthorizedError";
+  }
+}
 class HarmonyApiClient {
   apiKey;
   apiUrl;
+  onUnauthorized;
   constructor(options) {
     this.apiKey = options?.apiKey ?? getApiKey();
     this.apiUrl = options?.apiUrl ?? getApiUrl();
+    this.onUnauthorized = options?.onUnauthorized;
   }
   getApiUrl() {
     return this.apiUrl;
   }
+  setApiKey(apiKey) {
+    this.apiKey = apiKey;
+  }
+  getApiKey() {
+    return this.apiKey;
+  }
   async request(method, path, body, options) {
     await requestSemaphore.acquire();
     try {
@@ -1626,6 +1645,10 @@ class HarmonyApiClient {
         }
         if (!response.ok) {
           const errorMsg = data?.error || (looksLikeJson ? null : `API error: ${response.status} (non-JSON response)`) || `API error: ${response.status}`;
+          if (response.status === 401) {
+            this.onUnauthorized?.();
+            throw new HarmonyUnauthorizedError(errorMsg);
+          }
           if (!isRetryableError(null, response.status)) {
             throw new Error(errorMsg);
           }
@@ -1675,6 +1698,10 @@ class HarmonyApiClient {
           } catch {
             errorMsg = text || `API error: ${response.status}`;
           }
+          if (response.status === 401) {
+            this.onUnauthorized?.();
+            throw new HarmonyUnauthorizedError(errorMsg);
+          }
           if (!isRetryableError(null, response.status)) {
             throw new Error(errorMsg);
           }
@@ -2136,5 +2163,6 @@ export {
   resetClient,
   requestWithBearer,
   getClient,
+  HarmonyUnauthorizedError,
   HarmonyApiClient
 };

package/dist/lib/config.js CHANGED Viewed

@@ -1,11 +1,15 @@
 var __defProp = Object.defineProperty;
+var __returnValue = (v) => v;
+function __exportSetter(name, newValue) {
+  this[name] = __returnValue.bind(null, newValue);
+}
 var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, {
       get: all[name],
       enumerable: true,
       configurable: true,
-      set: (newValue) => all[name] = () => newValue
+      set: __exportSetter.bind(all, name)
     });
 };
 var __esm = (fn, res) => () => (fn && (res = fn(fn = 0)), res);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@gethmy/mcp",
-  "version": "2.4.4",
+  "version": "2.4.7",
   "description": "MCP server for Harmony Kanban board - enables AI coding agents to manage your boards",
   "publishConfig": {
     "access": "public"

package/src/__tests__/memory-audit.test.ts CHANGED Viewed

@@ -312,7 +312,89 @@ describe("runMemoryAudit", () => {
     });
     expect(report.summary.delete).toBe(1);
     expect(deletedIds).toContain("promoted-junk");
-    expect(report.lowest[0].reasons).toContain("boilerplate override");
+    expect(report.lowest[0].reasons).toContain("boilerplate title override");
+  });
+  test("legitimate titles starting with boilerplate-prefix words are NOT deleted", async () => {
+    // Regression test for the over-broad regex bug. Pre-fix patterns matched
+    // any title starting with "Placeholder", "Untitled", "Note", etc. After
+    // tightening, only exact boilerplate forms (with optional digit suffix
+    // or colon) match — real titles survive.
+    const { client, deletedIds } = makeMockClient(
+      [
+        {
+          id: "legit-placeholder",
+          type: "pattern",
+          title: "Placeholder pattern in React Suspense",
+          content:
+            "Use React.Suspense with a fallback component as the placeholder pattern for streaming SSR.",
+          confidence: 0.9,
+          memory_tier: "reference",
+          access_count: 12,
+          last_accessed_at: daysAgo(1),
+          created_at: daysAgo(60),
+          tags: ["react", "ssr"],
+          embedding: [0.1],
+        },
+        {
+          id: "legit-untitled",
+          type: "context",
+          title: "UntitledMaster.fig — design source for the homepage",
+          content:
+            "Reference Figma file containing master components for landing page assets.",
+          confidence: 0.85,
+          memory_tier: "reference",
+          access_count: 8,
+          last_accessed_at: daysAgo(2),
+          created_at: daysAgo(45),
+          tags: ["design"],
+          embedding: [0.1],
+        },
+        {
+          id: "legit-note",
+          type: "context",
+          title: "Note: schema migration order matters",
+          content: "Always run 0042 before 0043 because of FK dependency.",
+          confidence: 0.8,
+          memory_tier: "reference",
+          access_count: 5,
+          last_accessed_at: daysAgo(3),
+          created_at: daysAgo(30),
+          tags: ["db"],
+          embedding: [0.1],
+        },
+      ],
+      { "legit-placeholder": 3, "legit-untitled": 2, "legit-note": 1 },
+    );
+    const report = await runMemoryAudit(client, "ws-1", undefined, {
+      dryRun: false,
+    });
+    expect(deletedIds).toHaveLength(0);
+    expect(report.summary.delete).toBe(0);
+  });
+  test("empty-content draft with real title is NOT delete-bucketed", async () => {
+    // Users sometimes save a draft with title only and fill content later.
+    // The override is title-only, so empty content alone must not delete.
+    const { client, deletedIds } = makeMockClient([
+      {
+        id: "draft-empty-body",
+        type: "decision",
+        title: "Decision: skip Q3 launch",
+        content: "",
+        confidence: 0.7,
+        memory_tier: "draft",
+        access_count: 1,
+        last_accessed_at: daysAgo(1),
+        created_at: daysAgo(2),
+        tags: ["q3"],
+        embedding: null,
+      },
+    ]);
+    await runMemoryAudit(client, "ws-1", undefined, { dryRun: false });
+    expect(deletedIds).not.toContain("draft-empty-body");
   });
   test("boilerplate override respects deleteBelow=0 escape hatch", async () => {