@hailer/mcp 1.2.1 → 2.0.0-beta.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude/agents/agent-hailer-helper.md +118 -0
- package/.claude/commands/app-squad.md +16 -110
- package/.claude/commands/debug-squad.md +13 -290
- package/.claude/commands/publish.md +2 -2
- package/.claude/commands/review-squad.md +17 -139
- package/.claude/skills/create-and-publish-app/SKILL.md +105 -151
- package/.claude/skills/hailer-app-builder/SKILL.md +2 -2
- package/.claude/skills/hailer-ui-guide/SKILL.md +265 -0
- package/.env.example +50 -1
- package/CLAUDE.md +138 -10
- package/dist/app.d.ts.map +1 -1
- package/dist/app.js +3 -0
- package/dist/app.js.map +1 -1
- package/dist/bot/bot-manager.d.ts +9 -6
- package/dist/bot/bot-manager.d.ts.map +1 -1
- package/dist/bot/bot-manager.js +142 -31
- package/dist/bot/bot-manager.js.map +1 -1
- package/dist/bot/bot.d.ts +59 -16
- package/dist/bot/bot.d.ts.map +1 -1
- package/dist/bot/bot.js +889 -142
- package/dist/bot/bot.js.map +1 -1
- package/dist/bot/operation-logger.d.ts.map +1 -1
- package/dist/bot/operation-logger.js +24 -12
- package/dist/bot/operation-logger.js.map +1 -1
- package/dist/bot/services/bot-permissions.d.ts +2 -2
- package/dist/bot/services/bot-permissions.d.ts.map +1 -1
- package/dist/bot/services/bot-permissions.js +28 -9
- package/dist/bot/services/bot-permissions.js.map +1 -1
- package/dist/bot/services/conversation-manager.d.ts +23 -23
- package/dist/bot/services/conversation-manager.d.ts.map +1 -1
- package/dist/bot/services/conversation-manager.js +52 -49
- package/dist/bot/services/conversation-manager.js.map +1 -1
- package/dist/bot/services/helper-prompt.d.ts +8 -0
- package/dist/bot/services/helper-prompt.d.ts.map +1 -0
- package/dist/bot/services/helper-prompt.js +177 -0
- package/dist/bot/services/helper-prompt.js.map +1 -0
- package/dist/bot/services/message-classifier.d.ts +16 -16
- package/dist/bot/services/message-classifier.d.ts.map +1 -1
- package/dist/bot/services/message-classifier.js +55 -49
- package/dist/bot/services/message-classifier.js.map +1 -1
- package/dist/bot/services/message-formatter.d.ts +38 -38
- package/dist/bot/services/message-formatter.d.ts.map +1 -1
- package/dist/bot/services/message-formatter.js +81 -74
- package/dist/bot/services/message-formatter.js.map +1 -1
- package/dist/bot/services/permission-guard.d.ts.map +1 -1
- package/dist/bot/services/permission-guard.js +20 -10
- package/dist/bot/services/permission-guard.js.map +1 -1
- package/dist/bot/services/signal-router.d.ts.map +1 -1
- package/dist/bot/services/signal-router.js +11 -6
- package/dist/bot/services/signal-router.js.map +1 -1
- package/dist/bot/services/system-prompt.d.ts +14 -0
- package/dist/bot/services/system-prompt.d.ts.map +1 -1
- package/dist/bot/services/system-prompt.js +179 -4
- package/dist/bot/services/system-prompt.js.map +1 -1
- package/dist/bot/services/token-billing.d.ts +23 -23
- package/dist/bot/services/token-billing.d.ts.map +1 -1
- package/dist/bot/services/token-billing.js +51 -36
- package/dist/bot/services/token-billing.js.map +1 -1
- package/dist/bot/services/types.d.ts +3 -1
- package/dist/bot/services/types.d.ts.map +1 -1
- package/dist/bot/services/typing-indicator.d.ts +8 -8
- package/dist/bot/services/typing-indicator.d.ts.map +1 -1
- package/dist/bot/services/typing-indicator.js +12 -10
- package/dist/bot/services/typing-indicator.js.map +1 -1
- package/dist/bot/services/workspace-refresh.d.ts +3 -3
- package/dist/bot/services/workspace-refresh.d.ts.map +1 -1
- package/dist/bot/services/workspace-refresh.js +23 -13
- package/dist/bot/services/workspace-refresh.js.map +1 -1
- package/dist/bot/tool-executor.d.ts +10 -6
- package/dist/bot/tool-executor.d.ts.map +1 -1
- package/dist/bot/tool-executor.js +12 -6
- package/dist/bot/tool-executor.js.map +1 -1
- package/dist/bot/workspace-overview.d.ts.map +1 -1
- package/dist/bot/workspace-overview.js +6 -3
- package/dist/bot/workspace-overview.js.map +1 -1
- package/dist/bot-config/activity-error.d.ts +47 -0
- package/dist/bot-config/activity-error.d.ts.map +1 -0
- package/dist/bot-config/activity-error.js +67 -0
- package/dist/bot-config/activity-error.js.map +1 -0
- package/dist/bot-config/context.d.ts +4 -4
- package/dist/bot-config/context.d.ts.map +1 -1
- package/dist/bot-config/context.js +18 -14
- package/dist/bot-config/context.js.map +1 -1
- package/dist/bot-config/events.d.ts +45 -0
- package/dist/bot-config/events.d.ts.map +1 -0
- package/dist/bot-config/events.js +51 -0
- package/dist/bot-config/events.js.map +1 -0
- package/dist/bot-config/index.d.ts +3 -0
- package/dist/bot-config/index.d.ts.map +1 -1
- package/dist/bot-config/index.js +8 -1
- package/dist/bot-config/index.js.map +1 -1
- package/dist/bot-config/loader.d.ts +3 -0
- package/dist/bot-config/loader.d.ts.map +1 -1
- package/dist/bot-config/loader.js +45 -20
- package/dist/bot-config/loader.js.map +1 -1
- package/dist/bot-config/persistence.js.map +1 -1
- package/dist/bot-config/reconciler.d.ts +11 -0
- package/dist/bot-config/reconciler.d.ts.map +1 -0
- package/dist/bot-config/reconciler.js +121 -0
- package/dist/bot-config/reconciler.js.map +1 -0
- package/dist/bot-config/state.d.ts.map +1 -1
- package/dist/bot-config/state.js.map +1 -1
- package/dist/bot-config/types.d.ts +32 -0
- package/dist/bot-config/types.d.ts.map +1 -1
- package/dist/bot-config/webhooks.d.ts.map +1 -1
- package/dist/bot-config/webhooks.js.map +1 -1
- package/dist/bot-config/workflow-installer.d.ts +37 -0
- package/dist/bot-config/workflow-installer.d.ts.map +1 -0
- package/dist/bot-config/workflow-installer.js +346 -0
- package/dist/bot-config/workflow-installer.js.map +1 -0
- package/dist/cli.d.ts.map +1 -1
- package/dist/cli.js +54 -0
- package/dist/cli.js.map +1 -1
- package/dist/config.d.ts +23 -19
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +65 -27
- package/dist/config.js.map +1 -1
- package/dist/core.d.ts +6 -4
- package/dist/core.d.ts.map +1 -1
- package/dist/core.js +11 -16
- package/dist/core.js.map +1 -1
- package/dist/lib/logger.d.ts.map +1 -1
- package/dist/lib/logger.js +7 -4
- package/dist/lib/logger.js.map +1 -1
- package/dist/lib/request-logger.d.ts +19 -19
- package/dist/lib/request-logger.d.ts.map +1 -1
- package/dist/lib/request-logger.js +19 -19
- package/dist/lib/request-logger.js.map +1 -1
- package/dist/mcp/UserContextCache.d.ts +28 -22
- package/dist/mcp/UserContextCache.d.ts.map +1 -1
- package/dist/mcp/UserContextCache.js +23 -23
- package/dist/mcp/UserContextCache.js.map +1 -1
- package/dist/mcp/auth.js.map +1 -1
- package/dist/mcp/hailer-clients.d.ts +5 -4
- package/dist/mcp/hailer-clients.d.ts.map +1 -1
- package/dist/mcp/hailer-clients.js +61 -27
- package/dist/mcp/hailer-clients.js.map +1 -1
- package/dist/mcp/hailer-rpc.d.ts +40 -0
- package/dist/mcp/hailer-rpc.d.ts.map +1 -0
- package/dist/mcp/hailer-rpc.js +43 -0
- package/dist/mcp/hailer-rpc.js.map +1 -0
- package/dist/mcp/publish-auth-injector.d.ts +22 -0
- package/dist/mcp/publish-auth-injector.d.ts.map +1 -0
- package/dist/mcp/publish-auth-injector.js +100 -0
- package/dist/mcp/publish-auth-injector.js.map +1 -0
- package/dist/mcp/session-store.d.ts +16 -16
- package/dist/mcp/session-store.d.ts.map +1 -1
- package/dist/mcp/session-store.js +16 -16
- package/dist/mcp/session-store.js.map +1 -1
- package/dist/mcp/tool-profiles.d.ts +69 -0
- package/dist/mcp/tool-profiles.d.ts.map +1 -0
- package/dist/mcp/tool-profiles.js +176 -0
- package/dist/mcp/tool-profiles.js.map +1 -0
- package/dist/mcp/tool-registry.d.ts +16 -0
- package/dist/mcp/tool-registry.d.ts.map +1 -1
- package/dist/mcp/tool-registry.js +91 -39
- package/dist/mcp/tool-registry.js.map +1 -1
- package/dist/mcp/tools/activity.d.ts.map +1 -1
- package/dist/mcp/tools/activity.js +398 -198
- package/dist/mcp/tools/activity.js.map +1 -1
- package/dist/mcp/tools/aliases.d.ts +11 -0
- package/dist/mcp/tools/aliases.d.ts.map +1 -0
- package/dist/mcp/tools/aliases.js +176 -0
- package/dist/mcp/tools/aliases.js.map +1 -0
- package/dist/mcp/tools/app-core.d.ts +6 -8
- package/dist/mcp/tools/app-core.d.ts.map +1 -1
- package/dist/mcp/tools/app-core.js +355 -254
- package/dist/mcp/tools/app-core.js.map +1 -1
- package/dist/mcp/tools/app-marketplace.d.ts +8 -16
- package/dist/mcp/tools/app-marketplace.d.ts.map +1 -1
- package/dist/mcp/tools/app-marketplace.js +604 -930
- package/dist/mcp/tools/app-marketplace.js.map +1 -1
- package/dist/mcp/tools/app.d.ts +4 -7
- package/dist/mcp/tools/app.d.ts.map +1 -1
- package/dist/mcp/tools/app.js +4 -7
- package/dist/mcp/tools/app.js.map +1 -1
- package/dist/mcp/tools/bot-self.d.ts +21 -0
- package/dist/mcp/tools/bot-self.d.ts.map +1 -0
- package/dist/mcp/tools/bot-self.js +174 -0
- package/dist/mcp/tools/bot-self.js.map +1 -0
- package/dist/mcp/tools/calendar.d.ts +21 -0
- package/dist/mcp/tools/calendar.d.ts.map +1 -0
- package/dist/mcp/tools/calendar.js +741 -0
- package/dist/mcp/tools/calendar.js.map +1 -0
- package/dist/mcp/tools/company.d.ts.map +1 -1
- package/dist/mcp/tools/company.js +2 -1
- package/dist/mcp/tools/company.js.map +1 -1
- package/dist/mcp/tools/date.js.map +1 -1
- package/dist/mcp/tools/discussion.d.ts +23 -3
- package/dist/mcp/tools/discussion.d.ts.map +1 -1
- package/dist/mcp/tools/discussion.js +417 -534
- package/dist/mcp/tools/discussion.js.map +1 -1
- package/dist/mcp/tools/file.d.ts.map +1 -1
- package/dist/mcp/tools/file.js +18 -16
- package/dist/mcp/tools/file.js.map +1 -1
- package/dist/mcp/tools/index.js +4 -4
- package/dist/mcp/tools/index.js.map +1 -1
- package/dist/mcp/tools/insight.d.ts +7 -5
- package/dist/mcp/tools/insight.d.ts.map +1 -1
- package/dist/mcp/tools/insight.js +419 -477
- package/dist/mcp/tools/insight.js.map +1 -1
- package/dist/mcp/tools/user.d.ts.map +1 -1
- package/dist/mcp/tools/user.js +15 -13
- package/dist/mcp/tools/user.js.map +1 -1
- package/dist/mcp/tools/workflow-permissions.d.ts +2 -4
- package/dist/mcp/tools/workflow-permissions.d.ts.map +1 -1
- package/dist/mcp/tools/workflow-permissions.js +88 -97
- package/dist/mcp/tools/workflow-permissions.js.map +1 -1
- package/dist/mcp/tools/workflow.d.ts +2 -7
- package/dist/mcp/tools/workflow.d.ts.map +1 -1
- package/dist/mcp/tools/workflow.js +817 -850
- package/dist/mcp/tools/workflow.js.map +1 -1
- package/dist/mcp/utils/api-errors.d.ts.map +1 -1
- package/dist/mcp/utils/api-errors.js +2 -2
- package/dist/mcp/utils/api-errors.js.map +1 -1
- package/dist/mcp/utils/data-transformers.d.ts.map +1 -1
- package/dist/mcp/utils/data-transformers.js +8 -4
- package/dist/mcp/utils/data-transformers.js.map +1 -1
- package/dist/mcp/utils/file-upload.d.ts.map +1 -1
- package/dist/mcp/utils/file-upload.js +1 -1
- package/dist/mcp/utils/file-upload.js.map +1 -1
- package/dist/mcp/utils/hailer-api-client.d.ts +81 -81
- package/dist/mcp/utils/hailer-api-client.d.ts.map +1 -1
- package/dist/mcp/utils/hailer-api-client.js +103 -101
- package/dist/mcp/utils/hailer-api-client.js.map +1 -1
- package/dist/mcp/utils/index.d.ts.map +1 -1
- package/dist/mcp/utils/index.js.map +1 -1
- package/dist/mcp/utils/logger.d.ts.map +1 -1
- package/dist/mcp/utils/logger.js.map +1 -1
- package/dist/mcp/utils/response-builder.d.ts.map +1 -1
- package/dist/mcp/utils/response-builder.js +8 -4
- package/dist/mcp/utils/response-builder.js.map +1 -1
- package/dist/mcp/utils/role-utils.d.ts.map +1 -1
- package/dist/mcp/utils/role-utils.js +6 -3
- package/dist/mcp/utils/role-utils.js.map +1 -1
- package/dist/mcp/utils/tool-helpers.d.ts.map +1 -1
- package/dist/mcp/utils/tool-helpers.js +2 -2
- package/dist/mcp/utils/tool-helpers.js.map +1 -1
- package/dist/mcp/utils/types.d.ts +1 -1
- package/dist/mcp/utils/types.d.ts.map +1 -1
- package/dist/mcp/utils/types.js.map +1 -1
- package/dist/mcp/webhook-handler.d.ts +43 -8
- package/dist/mcp/webhook-handler.d.ts.map +1 -1
- package/dist/mcp/webhook-handler.js +861 -116
- package/dist/mcp/webhook-handler.js.map +1 -1
- package/dist/mcp/workspace-admin-store.d.ts +49 -0
- package/dist/mcp/workspace-admin-store.d.ts.map +1 -0
- package/dist/mcp/workspace-admin-store.js +168 -0
- package/dist/mcp/workspace-admin-store.js.map +1 -0
- package/dist/mcp/workspace-cache.d.ts +2 -2
- package/dist/mcp/workspace-cache.d.ts.map +1 -1
- package/dist/mcp/workspace-cache.js +9 -5
- package/dist/mcp/workspace-cache.js.map +1 -1
- package/dist/mcp-server.d.ts +26 -11
- package/dist/mcp-server.d.ts.map +1 -1
- package/dist/mcp-server.js +360 -36
- package/dist/mcp-server.js.map +1 -1
- package/dist/plugins/vipunen/client.d.ts +41 -41
- package/dist/plugins/vipunen/client.d.ts.map +1 -1
- package/dist/plugins/vipunen/client.js +53 -48
- package/dist/plugins/vipunen/client.js.map +1 -1
- package/dist/plugins/vipunen/index.js.map +1 -1
- package/dist/plugins/vipunen/tools.d.ts.map +1 -1
- package/dist/plugins/vipunen/tools.js +6 -3
- package/dist/plugins/vipunen/tools.js.map +1 -1
- package/dist/public-chat/graduate.d.ts +29 -0
- package/dist/public-chat/graduate.d.ts.map +1 -0
- package/dist/public-chat/graduate.js +593 -0
- package/dist/public-chat/graduate.js.map +1 -0
- package/dist/public-chat/handler.d.ts +12 -0
- package/dist/public-chat/handler.d.ts.map +1 -0
- package/dist/public-chat/handler.js +179 -0
- package/dist/public-chat/handler.js.map +1 -0
- package/dist/public-chat/index.d.ts +16 -0
- package/dist/public-chat/index.d.ts.map +1 -0
- package/dist/public-chat/index.js +74 -0
- package/dist/public-chat/index.js.map +1 -0
- package/dist/public-chat/knowledge.d.ts +3 -0
- package/dist/public-chat/knowledge.d.ts.map +1 -0
- package/dist/public-chat/knowledge.js +1339 -0
- package/dist/public-chat/knowledge.js.map +1 -0
- package/dist/public-chat/rate-limit.d.ts +16 -0
- package/dist/public-chat/rate-limit.d.ts.map +1 -0
- package/dist/public-chat/rate-limit.js +51 -0
- package/dist/public-chat/rate-limit.js.map +1 -0
- package/dist/public-chat/session-store.d.ts +41 -0
- package/dist/public-chat/session-store.d.ts.map +1 -0
- package/dist/public-chat/session-store.js +95 -0
- package/dist/public-chat/session-store.js.map +1 -0
- package/dist/public-chat/studio-prewarm.d.ts +61 -0
- package/dist/public-chat/studio-prewarm.d.ts.map +1 -0
- package/dist/public-chat/studio-prewarm.js +162 -0
- package/dist/public-chat/studio-prewarm.js.map +1 -0
- package/dist/public-chat/system-prompt.d.ts +22 -0
- package/dist/public-chat/system-prompt.d.ts.map +1 -0
- package/dist/public-chat/system-prompt.js +428 -0
- package/dist/public-chat/system-prompt.js.map +1 -0
- package/package.json +14 -7
- package/scripts/build-public-chat-knowledge.py +101 -0
- package/scripts/probe-mcp-pricing.ts +52 -0
- package/scripts/smoke-public-chat-live.ts +148 -0
- package/scripts/smoke-public-chat.ts +110 -0
- package/.claude/CLAUDE.md +0 -126
- package/.claude/commands/audit-squad.md +0 -158
- package/.claude/commands/cleanup-squad.md +0 -98
- package/.claude/commands/config-squad.md +0 -106
- package/.claude/commands/crud-squad.md +0 -87
- package/.claude/commands/data-squad.md +0 -97
- package/.claude/commands/doc-squad.md +0 -65
- package/.claude/commands/help.md +0 -29
- package/.claude/commands/help:agents.md +0 -182
- package/.claude/commands/help:commands.md +0 -78
- package/.claude/commands/help:faq.md +0 -79
- package/.claude/commands/help:plugins.md +0 -50
- package/.claude/commands/help:skills.md +0 -87
- package/.claude/commands/help:tools.md +0 -75
- package/.claude/commands/hotfix-squad.md +0 -112
- package/.claude/commands/integration-squad.md +0 -82
- package/.claude/commands/janitor-squad.md +0 -167
- package/.claude/commands/onboard-squad.md +0 -130
- package/.claude/commands/swarm.md +0 -210
- package/.claude/commands/tool-builder.md +0 -39
- package/.claude/skills/publish-hailer-app/SKILL.md +0 -280
- package/dist/CLAUDE.md +0 -370
- package/dist/agents/bot-manager.d.ts +0 -48
- package/dist/agents/bot-manager.d.ts.map +0 -1
- package/dist/agents/bot-manager.js +0 -254
- package/dist/agents/bot-manager.js.map +0 -1
- package/dist/agents/bug-fixer/ai.d.ts +0 -80
- package/dist/agents/bug-fixer/ai.d.ts.map +0 -1
- package/dist/agents/bug-fixer/ai.js +0 -466
- package/dist/agents/bug-fixer/ai.js.map +0 -1
- package/dist/agents/bug-fixer/bot.d.ts +0 -92
- package/dist/agents/bug-fixer/bot.d.ts.map +0 -1
- package/dist/agents/bug-fixer/bot.js +0 -687
- package/dist/agents/bug-fixer/bot.js.map +0 -1
- package/dist/agents/bug-fixer/config.d.ts +0 -21
- package/dist/agents/bug-fixer/config.d.ts.map +0 -1
- package/dist/agents/bug-fixer/config.js +0 -218
- package/dist/agents/bug-fixer/config.js.map +0 -1
- package/dist/agents/bug-fixer/files.d.ts +0 -67
- package/dist/agents/bug-fixer/files.d.ts.map +0 -1
- package/dist/agents/bug-fixer/files.js +0 -386
- package/dist/agents/bug-fixer/files.js.map +0 -1
- package/dist/agents/bug-fixer/git.d.ts +0 -48
- package/dist/agents/bug-fixer/git.d.ts.map +0 -1
- package/dist/agents/bug-fixer/git.js +0 -298
- package/dist/agents/bug-fixer/git.js.map +0 -1
- package/dist/agents/bug-fixer/index.d.ts +0 -103
- package/dist/agents/bug-fixer/index.d.ts.map +0 -1
- package/dist/agents/bug-fixer/index.js +0 -262
- package/dist/agents/bug-fixer/index.js.map +0 -1
- package/dist/agents/bug-fixer/lsp.d.ts +0 -113
- package/dist/agents/bug-fixer/lsp.d.ts.map +0 -1
- package/dist/agents/bug-fixer/lsp.js +0 -485
- package/dist/agents/bug-fixer/lsp.js.map +0 -1
- package/dist/agents/bug-fixer/monitor.d.ts +0 -123
- package/dist/agents/bug-fixer/monitor.d.ts.map +0 -1
- package/dist/agents/bug-fixer/monitor.js +0 -629
- package/dist/agents/bug-fixer/monitor.js.map +0 -1
- package/dist/agents/bug-fixer/prompt.d.ts +0 -5
- package/dist/agents/bug-fixer/prompt.d.ts.map +0 -1
- package/dist/agents/bug-fixer/prompt.js +0 -94
- package/dist/agents/bug-fixer/prompt.js.map +0 -1
- package/dist/agents/bug-fixer/registries/pending-classification.d.ts +0 -28
- package/dist/agents/bug-fixer/registries/pending-classification.d.ts.map +0 -1
- package/dist/agents/bug-fixer/registries/pending-classification.js +0 -50
- package/dist/agents/bug-fixer/registries/pending-classification.js.map +0 -1
- package/dist/agents/bug-fixer/registries/pending-fix.d.ts +0 -33
- package/dist/agents/bug-fixer/registries/pending-fix.d.ts.map +0 -1
- package/dist/agents/bug-fixer/registries/pending-fix.js +0 -64
- package/dist/agents/bug-fixer/registries/pending-fix.js.map +0 -1
- package/dist/agents/bug-fixer/registries/pending.d.ts +0 -27
- package/dist/agents/bug-fixer/registries/pending.d.ts.map +0 -1
- package/dist/agents/bug-fixer/registries/pending.js +0 -49
- package/dist/agents/bug-fixer/registries/pending.js.map +0 -1
- package/dist/agents/bug-fixer/specialist-daemon.d.ts +0 -88
- package/dist/agents/bug-fixer/specialist-daemon.d.ts.map +0 -1
- package/dist/agents/bug-fixer/specialist-daemon.js +0 -431
- package/dist/agents/bug-fixer/specialist-daemon.js.map +0 -1
- package/dist/agents/bug-fixer/specialist.d.ts +0 -47
- package/dist/agents/bug-fixer/specialist.d.ts.map +0 -1
- package/dist/agents/bug-fixer/specialist.js +0 -327
- package/dist/agents/bug-fixer/specialist.js.map +0 -1
- package/dist/agents/bug-fixer/types.d.ts +0 -123
- package/dist/agents/bug-fixer/types.d.ts.map +0 -1
- package/dist/agents/bug-fixer/types.js +0 -9
- package/dist/agents/bug-fixer/types.js.map +0 -1
- package/dist/agents/factory.d.ts +0 -172
- package/dist/agents/factory.d.ts.map +0 -1
- package/dist/agents/factory.js +0 -706
- package/dist/agents/factory.js.map +0 -1
- package/dist/agents/hailer-expert/index.d.ts +0 -8
- package/dist/agents/hailer-expert/index.d.ts.map +0 -1
- package/dist/agents/hailer-expert/index.js +0 -14
- package/dist/agents/hailer-expert/index.js.map +0 -1
- package/dist/agents/hal/daemon.d.ts +0 -174
- package/dist/agents/hal/daemon.d.ts.map +0 -1
- package/dist/agents/hal/daemon.js +0 -1385
- package/dist/agents/hal/daemon.js.map +0 -1
- package/dist/agents/hal/definitions.d.ts +0 -42
- package/dist/agents/hal/definitions.d.ts.map +0 -1
- package/dist/agents/hal/definitions.js +0 -300
- package/dist/agents/hal/definitions.js.map +0 -1
- package/dist/agents/hal/index.d.ts +0 -3
- package/dist/agents/hal/index.d.ts.map +0 -1
- package/dist/agents/hal/index.js +0 -8
- package/dist/agents/hal/index.js.map +0 -1
- package/dist/agents/index.d.ts +0 -18
- package/dist/agents/index.d.ts.map +0 -1
- package/dist/agents/index.js +0 -48
- package/dist/agents/index.js.map +0 -1
- package/dist/agents/shared/base.d.ts +0 -253
- package/dist/agents/shared/base.d.ts.map +0 -1
- package/dist/agents/shared/base.js +0 -1122
- package/dist/agents/shared/base.js.map +0 -1
- package/dist/agents/shared/schemas/action-schema.d.ts +0 -62
- package/dist/agents/shared/schemas/action-schema.d.ts.map +0 -1
- package/dist/agents/shared/schemas/action-schema.js +0 -483
- package/dist/agents/shared/schemas/action-schema.js.map +0 -1
- package/dist/agents/shared/services/agent-registry.d.ts +0 -108
- package/dist/agents/shared/services/agent-registry.d.ts.map +0 -1
- package/dist/agents/shared/services/agent-registry.js +0 -469
- package/dist/agents/shared/services/agent-registry.js.map +0 -1
- package/dist/agents/shared/services/conversation-manager.d.ts +0 -57
- package/dist/agents/shared/services/conversation-manager.d.ts.map +0 -1
- package/dist/agents/shared/services/conversation-manager.js +0 -168
- package/dist/agents/shared/services/conversation-manager.js.map +0 -1
- package/dist/agents/shared/services/mcp-client.d.ts +0 -56
- package/dist/agents/shared/services/mcp-client.d.ts.map +0 -1
- package/dist/agents/shared/services/mcp-client.js +0 -124
- package/dist/agents/shared/services/mcp-client.js.map +0 -1
- package/dist/agents/shared/services/message-classifier.d.ts +0 -37
- package/dist/agents/shared/services/message-classifier.d.ts.map +0 -1
- package/dist/agents/shared/services/message-classifier.js +0 -203
- package/dist/agents/shared/services/message-classifier.js.map +0 -1
- package/dist/agents/shared/services/message-formatter.d.ts +0 -89
- package/dist/agents/shared/services/message-formatter.d.ts.map +0 -1
- package/dist/agents/shared/services/message-formatter.js +0 -390
- package/dist/agents/shared/services/message-formatter.js.map +0 -1
- package/dist/agents/shared/services/session-logger.d.ts +0 -162
- package/dist/agents/shared/services/session-logger.d.ts.map +0 -1
- package/dist/agents/shared/services/session-logger.js +0 -724
- package/dist/agents/shared/services/session-logger.js.map +0 -1
- package/dist/agents/shared/services/structured-output-executor.d.ts +0 -88
- package/dist/agents/shared/services/structured-output-executor.d.ts.map +0 -1
- package/dist/agents/shared/services/structured-output-executor.js +0 -296
- package/dist/agents/shared/services/structured-output-executor.js.map +0 -1
- package/dist/agents/shared/services/token-billing.d.ts +0 -72
- package/dist/agents/shared/services/token-billing.d.ts.map +0 -1
- package/dist/agents/shared/services/token-billing.js +0 -198
- package/dist/agents/shared/services/token-billing.js.map +0 -1
- package/dist/agents/shared/services/tool-executor.d.ts +0 -43
- package/dist/agents/shared/services/tool-executor.d.ts.map +0 -1
- package/dist/agents/shared/services/tool-executor.js +0 -175
- package/dist/agents/shared/services/tool-executor.js.map +0 -1
- package/dist/agents/shared/services/typing-indicator.d.ts +0 -24
- package/dist/agents/shared/services/typing-indicator.d.ts.map +0 -1
- package/dist/agents/shared/services/typing-indicator.js +0 -54
- package/dist/agents/shared/services/typing-indicator.js.map +0 -1
- package/dist/agents/shared/services/workspace-schema-cache.d.ts +0 -122
- package/dist/agents/shared/services/workspace-schema-cache.d.ts.map +0 -1
- package/dist/agents/shared/services/workspace-schema-cache.js +0 -507
- package/dist/agents/shared/services/workspace-schema-cache.js.map +0 -1
- package/dist/agents/shared/specialist.d.ts +0 -91
- package/dist/agents/shared/specialist.d.ts.map +0 -1
- package/dist/agents/shared/specialist.js +0 -399
- package/dist/agents/shared/specialist.js.map +0 -1
- package/dist/agents/shared/tool-schema-loader.d.ts +0 -65
- package/dist/agents/shared/tool-schema-loader.d.ts.map +0 -1
- package/dist/agents/shared/tool-schema-loader.js +0 -238
- package/dist/agents/shared/tool-schema-loader.js.map +0 -1
- package/dist/agents/shared/types.d.ts +0 -190
- package/dist/agents/shared/types.d.ts.map +0 -1
- package/dist/agents/shared/types.js +0 -13
- package/dist/agents/shared/types.js.map +0 -1
- package/dist/bot/bot-config.d.ts +0 -37
- package/dist/bot/bot-config.d.ts.map +0 -1
- package/dist/bot/bot-config.js +0 -219
- package/dist/bot/bot-config.js.map +0 -1
- package/dist/bot/services/__tests__/permission-guard.test.d.ts +0 -2
- package/dist/bot/services/__tests__/permission-guard.test.d.ts.map +0 -1
- package/dist/bot/services/__tests__/permission-guard.test.js +0 -357
- package/dist/bot/services/__tests__/permission-guard.test.js.map +0 -1
- package/dist/bot/services/session-logger.d.ts +0 -162
- package/dist/bot/services/session-logger.d.ts.map +0 -1
- package/dist/bot/services/session-logger.js +0 -724
- package/dist/bot/services/session-logger.js.map +0 -1
- package/dist/bot/services/workspace-schema-cache.d.ts +0 -122
- package/dist/bot/services/workspace-schema-cache.d.ts.map +0 -1
- package/dist/bot/services/workspace-schema-cache.js +0 -506
- package/dist/bot/services/workspace-schema-cache.js.map +0 -1
- package/dist/bot-config/tools.d.ts +0 -28
- package/dist/bot-config/tools.d.ts.map +0 -1
- package/dist/bot-config/tools.js +0 -279
- package/dist/bot-config/tools.js.map +0 -1
- package/dist/client/agents/base.d.ts +0 -207
- package/dist/client/agents/base.d.ts.map +0 -1
- package/dist/client/agents/base.js +0 -744
- package/dist/client/agents/base.js.map +0 -1
- package/dist/client/agents/definitions.d.ts +0 -53
- package/dist/client/agents/definitions.d.ts.map +0 -1
- package/dist/client/agents/definitions.js +0 -263
- package/dist/client/agents/definitions.js.map +0 -1
- package/dist/client/agents/orchestrator.d.ts +0 -141
- package/dist/client/agents/orchestrator.d.ts.map +0 -1
- package/dist/client/agents/orchestrator.js +0 -1062
- package/dist/client/agents/orchestrator.js.map +0 -1
- package/dist/client/agents/specialist.d.ts +0 -86
- package/dist/client/agents/specialist.d.ts.map +0 -1
- package/dist/client/agents/specialist.js +0 -340
- package/dist/client/agents/specialist.js.map +0 -1
- package/dist/client/bot-entrypoint.d.ts +0 -7
- package/dist/client/bot-entrypoint.d.ts.map +0 -1
- package/dist/client/bot-entrypoint.js +0 -103
- package/dist/client/bot-entrypoint.js.map +0 -1
- package/dist/client/bot-manager.d.ts +0 -44
- package/dist/client/bot-manager.d.ts.map +0 -1
- package/dist/client/bot-manager.js +0 -173
- package/dist/client/bot-manager.js.map +0 -1
- package/dist/client/bot-runner.d.ts +0 -35
- package/dist/client/bot-runner.d.ts.map +0 -1
- package/dist/client/bot-runner.js +0 -188
- package/dist/client/bot-runner.js.map +0 -1
- package/dist/client/chat-agent-daemon.d.ts +0 -464
- package/dist/client/chat-agent-daemon.d.ts.map +0 -1
- package/dist/client/chat-agent-daemon.js +0 -1774
- package/dist/client/chat-agent-daemon.js.map +0 -1
- package/dist/client/daemon-factory.d.ts +0 -106
- package/dist/client/daemon-factory.d.ts.map +0 -1
- package/dist/client/daemon-factory.js +0 -301
- package/dist/client/daemon-factory.js.map +0 -1
- package/dist/client/factory.d.ts +0 -111
- package/dist/client/factory.d.ts.map +0 -1
- package/dist/client/factory.js +0 -314
- package/dist/client/factory.js.map +0 -1
- package/dist/client/index.d.ts +0 -17
- package/dist/client/index.d.ts.map +0 -1
- package/dist/client/index.js +0 -38
- package/dist/client/index.js.map +0 -1
- package/dist/client/multi-bot-manager.d.ts +0 -42
- package/dist/client/multi-bot-manager.d.ts.map +0 -1
- package/dist/client/multi-bot-manager.js +0 -161
- package/dist/client/multi-bot-manager.js.map +0 -1
- package/dist/client/orchestrator-daemon.d.ts +0 -87
- package/dist/client/orchestrator-daemon.d.ts.map +0 -1
- package/dist/client/orchestrator-daemon.js +0 -444
- package/dist/client/orchestrator-daemon.js.map +0 -1
- package/dist/client/server.d.ts +0 -8
- package/dist/client/server.d.ts.map +0 -1
- package/dist/client/server.js +0 -251
- package/dist/client/server.js.map +0 -1
- package/dist/client/services/agent-registry.d.ts +0 -108
- package/dist/client/services/agent-registry.d.ts.map +0 -1
- package/dist/client/services/agent-registry.js +0 -630
- package/dist/client/services/agent-registry.js.map +0 -1
- package/dist/client/services/conversation-manager.d.ts +0 -50
- package/dist/client/services/conversation-manager.d.ts.map +0 -1
- package/dist/client/services/conversation-manager.js +0 -136
- package/dist/client/services/conversation-manager.js.map +0 -1
- package/dist/client/services/mcp-client.d.ts +0 -48
- package/dist/client/services/mcp-client.d.ts.map +0 -1
- package/dist/client/services/mcp-client.js +0 -105
- package/dist/client/services/mcp-client.js.map +0 -1
- package/dist/client/services/message-classifier.d.ts +0 -37
- package/dist/client/services/message-classifier.d.ts.map +0 -1
- package/dist/client/services/message-classifier.js +0 -187
- package/dist/client/services/message-classifier.js.map +0 -1
- package/dist/client/services/message-formatter.d.ts +0 -84
- package/dist/client/services/message-formatter.d.ts.map +0 -1
- package/dist/client/services/message-formatter.js +0 -353
- package/dist/client/services/message-formatter.js.map +0 -1
- package/dist/client/services/session-logger.d.ts +0 -106
- package/dist/client/services/session-logger.d.ts.map +0 -1
- package/dist/client/services/session-logger.js +0 -446
- package/dist/client/services/session-logger.js.map +0 -1
- package/dist/client/services/tool-executor.d.ts +0 -41
- package/dist/client/services/tool-executor.d.ts.map +0 -1
- package/dist/client/services/tool-executor.js +0 -169
- package/dist/client/services/tool-executor.js.map +0 -1
- package/dist/client/services/workspace-schema-cache.d.ts +0 -149
- package/dist/client/services/workspace-schema-cache.d.ts.map +0 -1
- package/dist/client/services/workspace-schema-cache.js +0 -732
- package/dist/client/services/workspace-schema-cache.js.map +0 -1
- package/dist/client/specialist-daemon.d.ts +0 -77
- package/dist/client/specialist-daemon.d.ts.map +0 -1
- package/dist/client/specialist-daemon.js +0 -197
- package/dist/client/specialist-daemon.js.map +0 -1
- package/dist/client/specialists.d.ts +0 -53
- package/dist/client/specialists.d.ts.map +0 -1
- package/dist/client/specialists.js +0 -178
- package/dist/client/specialists.js.map +0 -1
- package/dist/client/tool-schema-loader.d.ts +0 -62
- package/dist/client/tool-schema-loader.d.ts.map +0 -1
- package/dist/client/tool-schema-loader.js +0 -232
- package/dist/client/tool-schema-loader.js.map +0 -1
- package/dist/client/types.d.ts +0 -327
- package/dist/client/types.d.ts.map +0 -1
- package/dist/client/types.js +0 -121
- package/dist/client/types.js.map +0 -1
- package/dist/commands/seed-config.d.ts +0 -9
- package/dist/commands/seed-config.d.ts.map +0 -1
- package/dist/commands/seed-config.js +0 -377
- package/dist/commands/seed-config.js.map +0 -1
- package/dist/commands/setup.d.ts +0 -11
- package/dist/commands/setup.d.ts.map +0 -1
- package/dist/commands/setup.js +0 -320
- package/dist/commands/setup.js.map +0 -1
- package/dist/lib/discussion-lock.d.ts +0 -42
- package/dist/lib/discussion-lock.d.ts.map +0 -1
- package/dist/lib/discussion-lock.js +0 -110
- package/dist/lib/discussion-lock.js.map +0 -1
- package/dist/mcp/signal-handler.d.ts +0 -82
- package/dist/mcp/signal-handler.d.ts.map +0 -1
- package/dist/mcp/signal-handler.js +0 -406
- package/dist/mcp/signal-handler.js.map +0 -1
- package/dist/mcp/tools/__tests__/discussion-forward.test.d.ts +0 -2
- package/dist/mcp/tools/__tests__/discussion-forward.test.d.ts.map +0 -1
- package/dist/mcp/tools/__tests__/discussion-forward.test.js +0 -218
- package/dist/mcp/tools/__tests__/discussion-forward.test.js.map +0 -1
- package/dist/mcp/tools/app-member.d.ts +0 -14
- package/dist/mcp/tools/app-member.d.ts.map +0 -1
- package/dist/mcp/tools/app-member.js +0 -195
- package/dist/mcp/tools/app-member.js.map +0 -1
- package/dist/mcp/tools/app-scaffold.d.ts +0 -14
- package/dist/mcp/tools/app-scaffold.d.ts.map +0 -1
- package/dist/mcp/tools/app-scaffold.js +0 -581
- package/dist/mcp/tools/app-scaffold.js.map +0 -1
- package/dist/mcp/tools/bot-config/constants.d.ts +0 -23
- package/dist/mcp/tools/bot-config/constants.d.ts.map +0 -1
- package/dist/mcp/tools/bot-config/constants.js +0 -94
- package/dist/mcp/tools/bot-config/constants.js.map +0 -1
- package/dist/mcp/tools/bot-config/core.d.ts +0 -253
- package/dist/mcp/tools/bot-config/core.d.ts.map +0 -1
- package/dist/mcp/tools/bot-config/core.js +0 -2456
- package/dist/mcp/tools/bot-config/core.js.map +0 -1
- package/dist/mcp/tools/bot-config/index.d.ts +0 -10
- package/dist/mcp/tools/bot-config/index.d.ts.map +0 -1
- package/dist/mcp/tools/bot-config/index.js +0 -59
- package/dist/mcp/tools/bot-config/index.js.map +0 -1
- package/dist/mcp/tools/bot-config/tools.d.ts +0 -7
- package/dist/mcp/tools/bot-config/tools.d.ts.map +0 -1
- package/dist/mcp/tools/bot-config/tools.js +0 -15
- package/dist/mcp/tools/bot-config/tools.js.map +0 -1
- package/dist/mcp/tools/bot-config/types.d.ts +0 -50
- package/dist/mcp/tools/bot-config/types.d.ts.map +0 -1
- package/dist/mcp/tools/bot-config/types.js +0 -6
- package/dist/mcp/tools/bot-config/types.js.map +0 -1
- package/dist/mcp/tools/bug-fixer-tools.d.ts +0 -45
- package/dist/mcp/tools/bug-fixer-tools.d.ts.map +0 -1
- package/dist/mcp/tools/bug-fixer-tools.js +0 -1096
- package/dist/mcp/tools/bug-fixer-tools.js.map +0 -1
- package/dist/mcp/tools/document.d.ts +0 -11
- package/dist/mcp/tools/document.d.ts.map +0 -1
- package/dist/mcp/tools/document.js +0 -741
- package/dist/mcp/tools/document.js.map +0 -1
- package/dist/mcp/tools/investigate.d.ts +0 -9
- package/dist/mcp/tools/investigate.d.ts.map +0 -1
- package/dist/mcp/tools/investigate.js +0 -254
- package/dist/mcp/tools/investigate.js.map +0 -1
- package/dist/mcp/utils/pagination.d.ts +0 -40
- package/dist/mcp/utils/pagination.d.ts.map +0 -1
- package/dist/mcp/utils/pagination.js +0 -55
- package/dist/mcp/utils/pagination.js.map +0 -1
- package/dist/modules/bug-reports/bug-config.d.ts +0 -25
- package/dist/modules/bug-reports/bug-config.d.ts.map +0 -1
- package/dist/modules/bug-reports/bug-config.js +0 -187
- package/dist/modules/bug-reports/bug-config.js.map +0 -1
- package/dist/modules/bug-reports/bug-monitor.d.ts +0 -108
- package/dist/modules/bug-reports/bug-monitor.d.ts.map +0 -1
- package/dist/modules/bug-reports/bug-monitor.js +0 -510
- package/dist/modules/bug-reports/bug-monitor.js.map +0 -1
- package/dist/modules/bug-reports/giuseppe-agent.d.ts +0 -58
- package/dist/modules/bug-reports/giuseppe-agent.d.ts.map +0 -1
- package/dist/modules/bug-reports/giuseppe-agent.js +0 -467
- package/dist/modules/bug-reports/giuseppe-agent.js.map +0 -1
- package/dist/modules/bug-reports/giuseppe-ai.d.ts +0 -83
- package/dist/modules/bug-reports/giuseppe-ai.d.ts.map +0 -1
- package/dist/modules/bug-reports/giuseppe-ai.js +0 -466
- package/dist/modules/bug-reports/giuseppe-ai.js.map +0 -1
- package/dist/modules/bug-reports/giuseppe-bot.d.ts +0 -110
- package/dist/modules/bug-reports/giuseppe-bot.d.ts.map +0 -1
- package/dist/modules/bug-reports/giuseppe-bot.js +0 -804
- package/dist/modules/bug-reports/giuseppe-bot.js.map +0 -1
- package/dist/modules/bug-reports/giuseppe-daemon.d.ts +0 -80
- package/dist/modules/bug-reports/giuseppe-daemon.d.ts.map +0 -1
- package/dist/modules/bug-reports/giuseppe-daemon.js +0 -617
- package/dist/modules/bug-reports/giuseppe-daemon.js.map +0 -1
- package/dist/modules/bug-reports/giuseppe-files.d.ts +0 -64
- package/dist/modules/bug-reports/giuseppe-files.d.ts.map +0 -1
- package/dist/modules/bug-reports/giuseppe-files.js +0 -375
- package/dist/modules/bug-reports/giuseppe-files.js.map +0 -1
- package/dist/modules/bug-reports/giuseppe-git.d.ts +0 -48
- package/dist/modules/bug-reports/giuseppe-git.d.ts.map +0 -1
- package/dist/modules/bug-reports/giuseppe-git.js +0 -298
- package/dist/modules/bug-reports/giuseppe-git.js.map +0 -1
- package/dist/modules/bug-reports/giuseppe-lsp.d.ts +0 -113
- package/dist/modules/bug-reports/giuseppe-lsp.d.ts.map +0 -1
- package/dist/modules/bug-reports/giuseppe-lsp.js +0 -485
- package/dist/modules/bug-reports/giuseppe-lsp.js.map +0 -1
- package/dist/modules/bug-reports/giuseppe-prompt.d.ts +0 -5
- package/dist/modules/bug-reports/giuseppe-prompt.d.ts.map +0 -1
- package/dist/modules/bug-reports/giuseppe-prompt.js +0 -94
- package/dist/modules/bug-reports/giuseppe-prompt.js.map +0 -1
- package/dist/modules/bug-reports/index.d.ts +0 -77
- package/dist/modules/bug-reports/index.d.ts.map +0 -1
- package/dist/modules/bug-reports/index.js +0 -215
- package/dist/modules/bug-reports/index.js.map +0 -1
- package/dist/modules/bug-reports/pending-classification-registry.d.ts +0 -28
- package/dist/modules/bug-reports/pending-classification-registry.d.ts.map +0 -1
- package/dist/modules/bug-reports/pending-classification-registry.js +0 -50
- package/dist/modules/bug-reports/pending-classification-registry.js.map +0 -1
- package/dist/modules/bug-reports/pending-fix-registry.d.ts +0 -30
- package/dist/modules/bug-reports/pending-fix-registry.d.ts.map +0 -1
- package/dist/modules/bug-reports/pending-fix-registry.js +0 -42
- package/dist/modules/bug-reports/pending-fix-registry.js.map +0 -1
- package/dist/modules/bug-reports/pending-registry.d.ts +0 -27
- package/dist/modules/bug-reports/pending-registry.d.ts.map +0 -1
- package/dist/modules/bug-reports/pending-registry.js +0 -49
- package/dist/modules/bug-reports/pending-registry.js.map +0 -1
- package/dist/modules/bug-reports/types.d.ts +0 -123
- package/dist/modules/bug-reports/types.d.ts.map +0 -1
- package/dist/modules/bug-reports/types.js +0 -9
- package/dist/modules/bug-reports/types.js.map +0 -1
- package/dist/plugins/bug-fixer/index.d.ts +0 -2
- package/dist/plugins/bug-fixer/index.d.ts.map +0 -1
- package/dist/plugins/bug-fixer/index.js +0 -18
- package/dist/plugins/bug-fixer/index.js.map +0 -1
- package/dist/plugins/bug-fixer/tools.d.ts +0 -45
- package/dist/plugins/bug-fixer/tools.d.ts.map +0 -1
- package/dist/plugins/bug-fixer/tools.js +0 -1096
- package/dist/plugins/bug-fixer/tools.js.map +0 -1
- package/dist/plugins/vipunen/__tests__/tools.test.d.ts +0 -10
- package/dist/plugins/vipunen/__tests__/tools.test.d.ts.map +0 -1
- package/dist/plugins/vipunen/__tests__/tools.test.js +0 -646
- package/dist/plugins/vipunen/__tests__/tools.test.js.map +0 -1
- package/dist/routes/agents.d.ts +0 -44
- package/dist/routes/agents.d.ts.map +0 -1
- package/dist/routes/agents.js +0 -311
- package/dist/routes/agents.js.map +0 -1
- package/dist/services/agent-credential-store.d.ts +0 -73
- package/dist/services/agent-credential-store.d.ts.map +0 -1
- package/dist/services/agent-credential-store.js +0 -212
- package/dist/services/agent-credential-store.js.map +0 -1
- package/dist/stdio-server.d.ts +0 -14
- package/dist/stdio-server.d.ts.map +0 -1
- package/dist/stdio-server.js +0 -101
- package/dist/stdio-server.js.map +0 -1
- package/dist/workspace/context.d.ts +0 -148
- package/dist/workspace/context.d.ts.map +0 -1
- package/dist/workspace/context.js +0 -339
- package/dist/workspace/context.js.map +0 -1
- package/dist/workspace/credentials.d.ts +0 -55
- package/dist/workspace/credentials.d.ts.map +0 -1
- package/dist/workspace/credentials.js +0 -239
- package/dist/workspace/credentials.js.map +0 -1
- package/dist/workspace/index.d.ts +0 -21
- package/dist/workspace/index.d.ts.map +0 -1
- package/dist/workspace/index.js +0 -45
- package/dist/workspace/index.js.map +0 -1
- package/dist/workspace/loader.d.ts +0 -27
- package/dist/workspace/loader.d.ts.map +0 -1
- package/dist/workspace/loader.js +0 -222
- package/dist/workspace/loader.js.map +0 -1
- package/dist/workspace/schema.d.ts +0 -37
- package/dist/workspace/schema.d.ts.map +0 -1
- package/dist/workspace/schema.js +0 -192
- package/dist/workspace/schema.js.map +0 -1
package/dist/mcp-server.js
CHANGED
|
@@ -51,9 +51,14 @@ const logger_1 = require("./lib/logger");
|
|
|
51
51
|
const config_1 = require("./config");
|
|
52
52
|
const UserContextCache_1 = require("./mcp/UserContextCache");
|
|
53
53
|
const tool_registry_1 = require("./mcp/tool-registry");
|
|
54
|
+
const tool_profiles_1 = require("./mcp/tool-profiles");
|
|
54
55
|
const session_store_1 = require("./mcp/session-store");
|
|
55
56
|
const webhook_handler_1 = require("./mcp/webhook-handler");
|
|
57
|
+
const workspace_admin_store_1 = require("./mcp/workspace-admin-store");
|
|
58
|
+
const rate_limit_1 = require("./public-chat/rate-limit");
|
|
59
|
+
const hailer_clients_1 = require("./mcp/hailer-clients");
|
|
56
60
|
const vipunen_1 = require("./plugins/vipunen");
|
|
61
|
+
const public_chat_1 = require("./public-chat");
|
|
57
62
|
// Load MCP instructions for Claude App
|
|
58
63
|
// Try dist/mcp/ first (production), then src/mcp/ (development)
|
|
59
64
|
let mcpInstructions;
|
|
@@ -83,6 +88,9 @@ class MCPServerService {
|
|
|
83
88
|
config;
|
|
84
89
|
toolRegistry;
|
|
85
90
|
appConfig;
|
|
91
|
+
/** sessionId → profile + timestamp. Set at MCP initialize when clientInfo identifies an SDK-aware client. */
|
|
92
|
+
mcpClientProfiles = new Map();
|
|
93
|
+
static PROFILE_TTL_MS = 60 * 60 * 1000; // 1 hour
|
|
86
94
|
constructor(config) {
|
|
87
95
|
this.config = config;
|
|
88
96
|
this.toolRegistry = config.toolRegistry;
|
|
@@ -100,6 +108,14 @@ class MCPServerService {
|
|
|
100
108
|
});
|
|
101
109
|
}
|
|
102
110
|
setupMiddleware() {
|
|
111
|
+
// Trust all private-range hops (ingress, hailer-api /proxy/mcp) so req.ip
|
|
112
|
+
// resolves to the first PUBLIC address in X-Forwarded-For regardless of
|
|
113
|
+
// how many internal proxies the request traversed. The public ingress
|
|
114
|
+
// (ALB in prod, Traefik in dev) always appends the real client IP as the
|
|
115
|
+
// rightmost entry, and every internal hop is loopback/RFC1918, so this
|
|
116
|
+
// is hop-count-agnostic and spoof-safe for internet clients. Required
|
|
117
|
+
// for per-visitor rate-limit buckets.
|
|
118
|
+
this.app.set('trust proxy', ['loopback', 'linklocal', 'uniquelocal']);
|
|
103
119
|
// Configure CORS - empty array means allow all origins (like original cors())
|
|
104
120
|
if (this.config.corsOrigins.length === 0) {
|
|
105
121
|
this.app.use((0, cors_1.default)());
|
|
@@ -322,7 +338,8 @@ class MCPServerService {
|
|
|
322
338
|
});
|
|
323
339
|
// Legacy POST callback for backwards compatibility
|
|
324
340
|
this.app.post(`${API_PREFIX}/oauth/callback`, express_1.default.urlencoded({ extended: true }), (req, res) => {
|
|
325
|
-
|
|
341
|
+
// Body contains access_token (a credential) — log only field names, not values.
|
|
342
|
+
req.logger.debug('OAuth callback POST received', { fields: Object.keys(req.body ?? {}) });
|
|
326
343
|
const { access_token, error } = req.body;
|
|
327
344
|
if (error) {
|
|
328
345
|
return res.status(400).send(`<html><body><h1>Authorization Failed</h1><p>Error: ${this.escapeHtml(String(error))}</p></body></html>`);
|
|
@@ -363,35 +380,84 @@ class MCPServerService {
|
|
|
363
380
|
const webhookPath = (0, webhook_handler_1.getWebhookPath)();
|
|
364
381
|
if (webhookPath) {
|
|
365
382
|
// POST /webhook/{token} - Receives updates from Hailer workflow webhooks
|
|
366
|
-
this.app.post(webhookPath, (req, res) => {
|
|
383
|
+
this.app.post(webhookPath, async (req, res) => {
|
|
367
384
|
req.logger.debug('Bot config webhook received', {
|
|
368
385
|
activityId: req.body?._id,
|
|
369
386
|
activityName: req.body?.name,
|
|
370
387
|
workspaceId: req.body?.cid,
|
|
371
388
|
});
|
|
389
|
+
// Always return 200 so Hailer doesn't auto-suspend webhook delivery
|
|
390
|
+
// after consecutive non-2xx responses. Errors are logged; the body
|
|
391
|
+
// carries `success: false` + `error` for anyone polling the status
|
|
392
|
+
// endpoint.
|
|
372
393
|
try {
|
|
373
|
-
const result = (0, webhook_handler_1.handleBotConfigWebhook)(req.body);
|
|
394
|
+
const result = await (0, webhook_handler_1.handleBotConfigWebhook)(req.body);
|
|
374
395
|
if (result.success) {
|
|
375
396
|
req.logger.debug('Bot config updated via webhook', {
|
|
376
397
|
action: result.action,
|
|
377
398
|
workspaceId: result.workspaceId,
|
|
378
399
|
botType: result.botType,
|
|
379
400
|
});
|
|
380
|
-
res.status(200).json(result);
|
|
381
401
|
}
|
|
382
402
|
else {
|
|
383
|
-
req.logger.warn('Bot config webhook
|
|
384
|
-
res.status(400).json(result);
|
|
403
|
+
req.logger.warn('Bot config webhook handled with non-success', { error: result.error });
|
|
385
404
|
}
|
|
405
|
+
res.status(200).json(result);
|
|
386
406
|
}
|
|
387
407
|
catch (error) {
|
|
388
408
|
req.logger.error('Bot config webhook error', { error });
|
|
389
|
-
res.status(
|
|
409
|
+
res.status(200).json({
|
|
390
410
|
success: false,
|
|
391
411
|
error: error instanceof Error ? error.message : 'Internal error',
|
|
392
412
|
});
|
|
393
413
|
}
|
|
394
414
|
});
|
|
415
|
+
// DELETE /webhook/{token}/bot/:activityId?workspaceId=X&actorUid=Y&actorName=Z
|
|
416
|
+
// Called by AI Hub when the user deletes a bot, BEFORE the activity is
|
|
417
|
+
// removed in Hailer. Tears down the Hailer user account (via the bot's
|
|
418
|
+
// own session) and removes the local config entry, so deletion in AI Hub
|
|
419
|
+
// is propagated atomically rather than waiting for the reconciler tick.
|
|
420
|
+
// actorUid/actorName are optional and used purely for audit attribution
|
|
421
|
+
// — the actual operations run with the admin API key.
|
|
422
|
+
this.app.delete(`${webhookPath}/bot/:activityId`, async (req, res) => {
|
|
423
|
+
const activityId = req.params.activityId;
|
|
424
|
+
const workspaceId = typeof req.query.workspaceId === 'string' ? req.query.workspaceId : '';
|
|
425
|
+
if (!workspaceId) {
|
|
426
|
+
res.status(400).json({ error: 'workspaceId query param required' });
|
|
427
|
+
return;
|
|
428
|
+
}
|
|
429
|
+
const actor = {
|
|
430
|
+
uid: typeof req.query.actorUid === 'string' ? req.query.actorUid : undefined,
|
|
431
|
+
name: typeof req.query.actorName === 'string' ? req.query.actorName : undefined,
|
|
432
|
+
};
|
|
433
|
+
try {
|
|
434
|
+
const outcome = await (0, webhook_handler_1.destroyBot)(workspaceId, activityId, actor);
|
|
435
|
+
if (!outcome.teardownOk) {
|
|
436
|
+
// 502: the config entry is gone and AI Hub will still delete
|
|
437
|
+
// the activity, but the Hailer user account was not torn down
|
|
438
|
+
// (no listener, or listener threw). Operator needs to know.
|
|
439
|
+
res.status(502).json({
|
|
440
|
+
success: false,
|
|
441
|
+
removed: !!outcome.removed,
|
|
442
|
+
email: outcome.removed?.email ?? null,
|
|
443
|
+
error: outcome.teardownError ?? 'teardown skipped',
|
|
444
|
+
});
|
|
445
|
+
return;
|
|
446
|
+
}
|
|
447
|
+
res.status(200).json({
|
|
448
|
+
success: true,
|
|
449
|
+
removed: !!outcome.removed,
|
|
450
|
+
email: outcome.removed?.email ?? null,
|
|
451
|
+
});
|
|
452
|
+
}
|
|
453
|
+
catch (err) {
|
|
454
|
+
req.logger.error('Bot destroy failed', { workspaceId, activityId, actor, err });
|
|
455
|
+
res.status(500).json({
|
|
456
|
+
success: false,
|
|
457
|
+
error: err instanceof Error ? err.message : 'Internal error',
|
|
458
|
+
});
|
|
459
|
+
}
|
|
460
|
+
});
|
|
395
461
|
// GET /webhook/{token}/status - Status endpoint to see all workspace configs
|
|
396
462
|
this.app.get(`${webhookPath}/status`, (_req, res) => {
|
|
397
463
|
const configs = (0, webhook_handler_1.listWorkspaceConfigs)();
|
|
@@ -411,6 +477,179 @@ class MCPServerService {
|
|
|
411
477
|
else {
|
|
412
478
|
this.logger.debug('Webhook endpoint disabled (no WEBHOOK_TOKEN)');
|
|
413
479
|
}
|
|
480
|
+
const adminCheckCacheTtlMs = 3000;
|
|
481
|
+
const adminCheckCacheMax = 1000;
|
|
482
|
+
const adminCheckCache = new Map();
|
|
483
|
+
const sweepAdminCheckCache = (now) => {
|
|
484
|
+
for (const [staleKey, entry] of adminCheckCache) {
|
|
485
|
+
if (now - entry.time >= adminCheckCacheTtlMs) {
|
|
486
|
+
adminCheckCache.delete(staleKey);
|
|
487
|
+
}
|
|
488
|
+
}
|
|
489
|
+
};
|
|
490
|
+
// Bounded insert: TTL is otherwise only checked on read, so attacker-
|
|
491
|
+
// supplied random workspaceIds would grow the map without bound. Sweep
|
|
492
|
+
// expired entries when full, then evict the oldest (Maps iterate in
|
|
493
|
+
// insertion order) as a last resort.
|
|
494
|
+
const setAdminCheckCache = (key, body) => {
|
|
495
|
+
const now = Date.now();
|
|
496
|
+
if (adminCheckCache.size >= adminCheckCacheMax) {
|
|
497
|
+
sweepAdminCheckCache(now);
|
|
498
|
+
}
|
|
499
|
+
const oldestKey = adminCheckCache.keys().next().value;
|
|
500
|
+
if (adminCheckCache.size >= adminCheckCacheMax && oldestKey) {
|
|
501
|
+
adminCheckCache.delete(oldestKey);
|
|
502
|
+
}
|
|
503
|
+
adminCheckCache.set(key, { body, time: now });
|
|
504
|
+
};
|
|
505
|
+
// Route-scoped CORS: AI Hub polls /check with `credentials: 'include'`
|
|
506
|
+
// through api.hailer.com /proxy/mcp, and the proxy copies upstream
|
|
507
|
+
// response headers verbatim — so the global allow-all
|
|
508
|
+
// `Access-Control-Allow-Origin: *` from setupMiddleware would reach the
|
|
509
|
+
// browser and make it reject every credentialed response. Reflect only
|
|
510
|
+
// the AI Hub app origins, with credentials enabled. The POST is a
|
|
511
|
+
// top-level form navigation (no CORS), so only the GET needs this.
|
|
512
|
+
const adminAuthorizeCors = (0, cors_1.default)({
|
|
513
|
+
origin: config_1.environment.ADMIN_CORS_ORIGINS,
|
|
514
|
+
credentials: true,
|
|
515
|
+
});
|
|
516
|
+
// /check returns the stored admin's uid (opaque ObjectId) so AI Hub can
|
|
517
|
+
// compare against the current user and distinguish "you are connected"
|
|
518
|
+
// from "another admin connected this workspace." Name/email are NOT
|
|
519
|
+
// returned — this endpoint is reachable over plaintext HTTP given only
|
|
520
|
+
// the workspaceId, and we don't want admin PII traveling on the wire.
|
|
521
|
+
this.app.get('/admin-authorize/check', adminAuthorizeCors, async (req, res) => {
|
|
522
|
+
const workspaceId = typeof req.query.workspaceId === 'string' ? req.query.workspaceId : '';
|
|
523
|
+
if (!workspaceId) {
|
|
524
|
+
res.status(400).json({ error: 'workspaceId required' });
|
|
525
|
+
return;
|
|
526
|
+
}
|
|
527
|
+
// Generous per-IP budget: the AI Hub popup polls every ~1.5s for up
|
|
528
|
+
// to 120s (~81 requests per full flow incl. the baseline probe);
|
|
529
|
+
// 250/hr fits three timed-out flows plus app-startup checks. Keyed
|
|
530
|
+
// by IP only — keying by IP+workspaceId would let one IP mint
|
|
531
|
+
// unlimited fresh buckets via random workspaceIds. AI Hub treats
|
|
532
|
+
// non-200 as { hasKey: false } and keeps polling, so 429 degrades
|
|
533
|
+
// gracefully. Reachable only via the session-gated /proxy/mcp in
|
|
534
|
+
// prod, so this is defense-in-depth, not the primary gate.
|
|
535
|
+
const rate = (0, rate_limit_1.checkRate)(`admin-check:${req.ip ?? 'unknown'}`, 250);
|
|
536
|
+
if (!rate.ok) {
|
|
537
|
+
res.status(429).json({ error: 'rate_limited', retryAfterSec: rate.retryAfterSec });
|
|
538
|
+
return;
|
|
539
|
+
}
|
|
540
|
+
const cached = adminCheckCache.get(workspaceId);
|
|
541
|
+
if (cached && Date.now() - cached.time < adminCheckCacheTtlMs) {
|
|
542
|
+
res.json(cached.body);
|
|
543
|
+
return;
|
|
544
|
+
}
|
|
545
|
+
const record = await (0, workspace_admin_store_1.getValidatedAdminRecord)(workspaceId);
|
|
546
|
+
let body = { hasKey: false };
|
|
547
|
+
if (record) {
|
|
548
|
+
body = {
|
|
549
|
+
hasKey: true,
|
|
550
|
+
installedAt: record.installedAt,
|
|
551
|
+
expiresAt: record.expiresAt,
|
|
552
|
+
admin: { uid: record.uid },
|
|
553
|
+
};
|
|
554
|
+
}
|
|
555
|
+
setAdminCheckCache(workspaceId, body);
|
|
556
|
+
res.json(body);
|
|
557
|
+
});
|
|
558
|
+
this.app.post('/admin-authorize', express_1.default.urlencoded({ extended: true }), async (req, res) => {
|
|
559
|
+
const completeUrl = (status, message) => {
|
|
560
|
+
const base = `${config_1.environment.HAILER_APP_URL}/#/authorize/complete?status=${status}`;
|
|
561
|
+
return message ? `${base}&message=${encodeURIComponent(message)}` : base;
|
|
562
|
+
};
|
|
563
|
+
try {
|
|
564
|
+
// Rate-limit the expensive write (each call runs live core.init
|
|
565
|
+
// validation). Namespaced key so it has its own per-IP budget,
|
|
566
|
+
// separate from the public-chat limiter sharing this module.
|
|
567
|
+
const rate = (0, rate_limit_1.checkRate)(`admin-authorize:${req.ip ?? 'unknown'}`);
|
|
568
|
+
if (!rate.ok) {
|
|
569
|
+
req.logger.warn('Admin authorize: rate limited', { retryAfterSec: rate.retryAfterSec });
|
|
570
|
+
res.redirect(303, completeUrl('error', 'Too many attempts — please wait a moment and try again.'));
|
|
571
|
+
return;
|
|
572
|
+
}
|
|
573
|
+
const workspaceId = typeof req.query.workspaceId === 'string' ? req.query.workspaceId : '';
|
|
574
|
+
const apiKey = typeof req.body?.apiKey === 'string' ? req.body.apiKey : '';
|
|
575
|
+
req.logger.debug('Admin authorize POST received', {
|
|
576
|
+
workspaceId,
|
|
577
|
+
hasApiKey: !!apiKey,
|
|
578
|
+
contentType: req.headers['content-type'],
|
|
579
|
+
bodyKeys: req.body ? Object.keys(req.body) : [],
|
|
580
|
+
queryKeys: Object.keys(req.query),
|
|
581
|
+
});
|
|
582
|
+
if (!workspaceId || !apiKey) {
|
|
583
|
+
res.redirect(303, completeUrl('error', 'Missing workspaceId or apiKey'));
|
|
584
|
+
return;
|
|
585
|
+
}
|
|
586
|
+
// Validate the key by resolving the admin's identity, and capture it for audit/display.
|
|
587
|
+
let identity;
|
|
588
|
+
let targetRole;
|
|
589
|
+
let adminClient;
|
|
590
|
+
try {
|
|
591
|
+
adminClient = await (0, hailer_clients_1.createHailerClientByApiKey)(apiKey);
|
|
592
|
+
identity = await (0, workspace_admin_store_1.resolveAdminIdentity)(adminClient);
|
|
593
|
+
targetRole = identity.uid ? await (0, workspace_admin_store_1.resolveRoleInWorkspace)(adminClient, identity.uid, workspaceId) : undefined;
|
|
594
|
+
}
|
|
595
|
+
catch (validateErr) {
|
|
596
|
+
req.logger.warn('Admin authorize: API key validation failed', {
|
|
597
|
+
workspaceId,
|
|
598
|
+
error: validateErr instanceof Error ? validateErr.message : validateErr,
|
|
599
|
+
});
|
|
600
|
+
res.redirect(303, completeUrl('error', 'API key validation failed'));
|
|
601
|
+
return;
|
|
602
|
+
}
|
|
603
|
+
if (!identity.uid) {
|
|
604
|
+
res.redirect(303, completeUrl('error', 'API key did not resolve to a user'));
|
|
605
|
+
return;
|
|
606
|
+
}
|
|
607
|
+
if (!identity.emailVerified) {
|
|
608
|
+
// Unverified admin email → Hailer blocks the bot invite (403
|
|
609
|
+
// 'Validate your email.') → reinvite doom loop. Refuse the key
|
|
610
|
+
// until the admin verifies (fail-closed on missing/false).
|
|
611
|
+
req.logger.warn('Admin authorize: email not verified — refusing to persist', {
|
|
612
|
+
workspaceId, adminUid: identity.uid,
|
|
613
|
+
});
|
|
614
|
+
res.redirect(303, completeUrl('error', 'Please verify your Hailer email before connecting this workspace.'));
|
|
615
|
+
return;
|
|
616
|
+
}
|
|
617
|
+
// Authorize the key against the target workspace. This endpoint is
|
|
618
|
+
// reachable publicly via the api.hailer.com /proxy/mcp service, so we
|
|
619
|
+
// must not store a key for a workspace it is not entitled to. The
|
|
620
|
+
// user must be an admin/owner of the TARGET workspace — checked
|
|
621
|
+
// directly via v2.network.get, NOT via identity.workspaceId: that is
|
|
622
|
+
// the key's ambient current-workspace pointer (init.network._id),
|
|
623
|
+
// which follows last-viewed/switchEcosystem and falsely rejects
|
|
624
|
+
// admins whose pointer sits in another workspace.
|
|
625
|
+
if (targetRole !== 'admin' && targetRole !== 'owner') {
|
|
626
|
+
req.logger.warn('Admin authorize: user is not an admin/owner of the target workspace', {
|
|
627
|
+
workspaceId, adminUid: identity.uid, targetRole, ambientWorkspaceId: identity.workspaceId,
|
|
628
|
+
});
|
|
629
|
+
res.redirect(303, completeUrl('error', 'Only workspace admins or owners can connect bot credentials'));
|
|
630
|
+
return;
|
|
631
|
+
}
|
|
632
|
+
// The popup path bypasses webhooks, so stale 'email-not-verified'
|
|
633
|
+
// markers written by earlier webhook rejections never get cleared
|
|
634
|
+
// — AI Hub's pill stays wedged red even with a verified key
|
|
635
|
+
// stored. Sweep BEFORE persisting so /check flips to hasKey only
|
|
636
|
+
// once markers are gone. clearAdminKeyErrors never throws.
|
|
637
|
+
if (adminClient) {
|
|
638
|
+
await (0, webhook_handler_1.clearAdminKeyErrors)(adminClient, workspaceId);
|
|
639
|
+
}
|
|
640
|
+
(0, workspace_admin_store_1.persistAdminCredentials)(workspaceId, apiKey, identity);
|
|
641
|
+
adminCheckCache.delete(workspaceId);
|
|
642
|
+
req.logger.info('Admin credentials stored via authorize flow', {
|
|
643
|
+
workspaceId,
|
|
644
|
+
adminUid: identity.uid,
|
|
645
|
+
});
|
|
646
|
+
res.redirect(303, completeUrl('success'));
|
|
647
|
+
}
|
|
648
|
+
catch (error) {
|
|
649
|
+
req.logger.error('Admin authorize failed', { error });
|
|
650
|
+
res.redirect(303, completeUrl('error', 'Storage failed'));
|
|
651
|
+
}
|
|
652
|
+
});
|
|
414
653
|
// ===== Daemon status endpoint =====
|
|
415
654
|
this.app.get('/daemon/status', (_, res) => {
|
|
416
655
|
if (!this.config.getDaemonStatus) {
|
|
@@ -426,9 +665,9 @@ class MCPServerService {
|
|
|
426
665
|
});
|
|
427
666
|
// ===== Hailer MCP endpoint — Direct API key auth (for Claude Code, mcp-remote, SDK) =====
|
|
428
667
|
// Restored original mcpHandler from pre-Cowork era with BOT_INTERNAL filtering and strict access control
|
|
429
|
-
const mcpHandler = async (req, res, apiKeyOverride) => {
|
|
668
|
+
const mcpHandler = async (req, res, apiKeyOverride, profile) => {
|
|
430
669
|
const apiKey = apiKeyOverride || req.query.apiKey;
|
|
431
|
-
req.logger.debug('MCP request received', { method: req.body?.method, apiKey: apiKey?.slice(0, 8) + '...' });
|
|
670
|
+
req.logger.debug('MCP request received', { method: req.body?.method, apiKey: apiKey?.slice(0, 8) + '...', profile });
|
|
432
671
|
try {
|
|
433
672
|
const mcpRequest = req.body;
|
|
434
673
|
if (!mcpRequest.params) {
|
|
@@ -438,7 +677,13 @@ class MCPServerService {
|
|
|
438
677
|
if (mcpRequest.method === 'tools/list') {
|
|
439
678
|
req.logger.debug('Handling tools/list request');
|
|
440
679
|
let filterConfig;
|
|
441
|
-
|
|
680
|
+
// Resolve effective profile: explicit route override OR session-tracked clientInfo
|
|
681
|
+
const effectiveProfile = this.resolveSessionProfile(req, profile);
|
|
682
|
+
if (effectiveProfile) {
|
|
683
|
+
filterConfig = (0, tool_profiles_1.profileFilterConfig)(effectiveProfile);
|
|
684
|
+
req.logger.debug('Using profile tool allowlist', { profile: effectiveProfile, source: profile ? 'route' : 'clientInfo' });
|
|
685
|
+
}
|
|
686
|
+
else if (apiKey) {
|
|
442
687
|
try {
|
|
443
688
|
const agentConfig = this.appConfig.getClientConfig(apiKey);
|
|
444
689
|
if (agentConfig.allowedTools || agentConfig.allowedGroups) {
|
|
@@ -455,12 +700,10 @@ class MCPServerService {
|
|
|
455
700
|
// BOT_INTERNAL filtering: only include if explicitly requested (for daemons)
|
|
456
701
|
const includeBotInternal = mcpRequest.params?.includeBotInternal === true;
|
|
457
702
|
if (!filterConfig) {
|
|
458
|
-
filterConfig =
|
|
459
|
-
|
|
460
|
-
};
|
|
461
|
-
req.logger.debug('Using default tool filter (excludes NUCLEAR and BOT_INTERNAL)');
|
|
703
|
+
filterConfig = (0, tool_profiles_1.profileFilterConfig)(config_1.environment.MCP_DEFAULT_PROFILE);
|
|
704
|
+
req.logger.debug('Using default profile tool filter', { profile: config_1.environment.MCP_DEFAULT_PROFILE });
|
|
462
705
|
}
|
|
463
|
-
|
|
706
|
+
if (filterConfig.allowedGroups) {
|
|
464
707
|
filterConfig.allowedGroups = filterConfig.allowedGroups.filter(g => (includeBotInternal || g !== tool_registry_1.ToolGroup.BOT_INTERNAL) &&
|
|
465
708
|
(config_1.environment.ENABLE_NUCLEAR_TOOLS || g !== tool_registry_1.ToolGroup.NUCLEAR));
|
|
466
709
|
}
|
|
@@ -493,13 +736,30 @@ class MCPServerService {
|
|
|
493
736
|
if (!this.canAccessToolStrict(name, apiKey)) {
|
|
494
737
|
return this.sendMcpError(res, mcpRequest.id, -32603, `Access denied to tool: ${name}`, 403);
|
|
495
738
|
}
|
|
739
|
+
// Profile enforcement — explicit route/clientInfo profile, else the
|
|
740
|
+
// default profile when no per-account config governs this key
|
|
741
|
+
if (!this.canAccessToolForProfile(name, apiKey, this.resolveSessionProfile(req, profile))) {
|
|
742
|
+
return this.sendMcpError(res, mcpRequest.id, -32603, `Tool not available in this connection's profile: ${name}`, 403);
|
|
743
|
+
}
|
|
496
744
|
const userContext = await UserContextCache_1.UserContextCache.getContext(apiKey);
|
|
497
745
|
result = await this.toolRegistry.executeTool(name, args, userContext);
|
|
498
746
|
}
|
|
499
747
|
else if (mcpRequest.method === 'initialize') {
|
|
500
748
|
const sessionId = `session-${Date.now()}-${Math.random().toString(36).substring(2, 11)}`;
|
|
501
749
|
res.setHeader('Mcp-Session-Id', sessionId);
|
|
502
|
-
|
|
750
|
+
const clientInfo = mcpRequest.params?.clientInfo;
|
|
751
|
+
req.logger.info('Client connected', { sessionId, clientInfo });
|
|
752
|
+
// Auto-detect SDK-aware clients (e.g. OpenCode in Hailer Studio sessions)
|
|
753
|
+
if (clientInfo?.name === 'opencode') {
|
|
754
|
+
this.mcpClientProfiles.set(sessionId, { profile: 'sdk', ts: Date.now() });
|
|
755
|
+
// Lazy TTL cleanup — drop entries older than PROFILE_TTL_MS on each insert
|
|
756
|
+
const cutoff = Date.now() - MCPServerService.PROFILE_TTL_MS;
|
|
757
|
+
for (const [sid, entry] of this.mcpClientProfiles) {
|
|
758
|
+
if (entry.ts < cutoff)
|
|
759
|
+
this.mcpClientProfiles.delete(sid);
|
|
760
|
+
}
|
|
761
|
+
req.logger.debug('Assigned sdk profile to session', { sessionId, clientName: clientInfo.name });
|
|
762
|
+
}
|
|
503
763
|
result = {
|
|
504
764
|
protocolVersion: '2024-11-05',
|
|
505
765
|
capabilities: { tools: {} },
|
|
@@ -532,18 +792,25 @@ class MCPServerService {
|
|
|
532
792
|
}
|
|
533
793
|
catch (error) {
|
|
534
794
|
const errorMessage = error instanceof Error ? error.message : String(error);
|
|
795
|
+
const apiKeyForLog = typeof req.query.apiKey === 'string'
|
|
796
|
+
? req.query.apiKey.slice(0, 8) + '...'
|
|
797
|
+
: undefined;
|
|
535
798
|
if (errorMessage.includes('Multi-workspace credentials detected')) {
|
|
536
|
-
req.logger.warn('Multi-workspace credentials blocked', { apiKey:
|
|
799
|
+
req.logger.warn('Multi-workspace credentials blocked', { apiKey: apiKeyForLog });
|
|
537
800
|
this.sendMcpError(res, req.body?.id || null, -32001, errorMessage, 200);
|
|
538
801
|
}
|
|
539
802
|
else {
|
|
540
|
-
req.logger.error('MCP handler error', error, { apiKey:
|
|
803
|
+
req.logger.error('MCP handler error', error, { apiKey: apiKeyForLog });
|
|
541
804
|
this.sendMcpError(res, req.body?.id || null, -32000, `Server error: ${errorMessage}`, 500);
|
|
542
805
|
}
|
|
543
806
|
}
|
|
544
807
|
};
|
|
545
808
|
// Route 1: /api/mcp?apiKey=xxx (standard format)
|
|
546
809
|
this.app.post('/api/mcp', (req, res) => mcpHandler(req, res));
|
|
810
|
+
// Route 1b: /api/studio/mcp?apiKey=xxx — Studio sessions (SDK-aware tool surface)
|
|
811
|
+
this.app.post('/api/studio/mcp', (req, res) => mcpHandler(req, res, undefined, 'sdk'));
|
|
812
|
+
// Route 1c: /api/sdk/mcp?apiKey=xxx — canonical alias for SDK projects (same surface as Studio)
|
|
813
|
+
this.app.post('/api/sdk/mcp', (req, res) => mcpHandler(req, res, undefined, 'sdk'));
|
|
547
814
|
// Route 2: /:apiKey (simplified format - API key as path)
|
|
548
815
|
// Matches 16-64 char alphanumeric keys, but ONLY for MCP requests (has jsonrpc field)
|
|
549
816
|
this.app.post('/:apiKey([a-zA-Z0-9_-]{16,64})', (req, res, next) => {
|
|
@@ -675,6 +942,10 @@ class MCPServerService {
|
|
|
675
942
|
label: 'Cowork'
|
|
676
943
|
});
|
|
677
944
|
});
|
|
945
|
+
// Public chat (anonymous) — login-page demo chatbot.
|
|
946
|
+
const publicChatRegistered = (0, public_chat_1.registerPublicChatRoutes)(this.app, {
|
|
947
|
+
anthropicApiKey: config_1.environment.ANTHROPIC_API_KEY,
|
|
948
|
+
});
|
|
678
949
|
this.logger.debug('Routes configured', {
|
|
679
950
|
routes: [
|
|
680
951
|
'/health',
|
|
@@ -683,6 +954,10 @@ class MCPServerService {
|
|
|
683
954
|
'/:apiKey (Hailer — API key as path)',
|
|
684
955
|
`${API_PREFIX}/mcp (Cowork — OAuth)`,
|
|
685
956
|
'/api/vipunen (Vipunen — Bearer key)',
|
|
957
|
+
...(publicChatRegistered ? [
|
|
958
|
+
`${public_chat_1.PUBLIC_CHAT_ROUTE} (public chat — anonymous)`,
|
|
959
|
+
`${public_chat_1.PUBLIC_CHAT_AUTHORIZE_ROUTE} (public chat — graduation)`,
|
|
960
|
+
] : []),
|
|
686
961
|
'/.well-known/oauth-authorization-server',
|
|
687
962
|
'/.well-known/oauth-protected-resource',
|
|
688
963
|
`${API_PREFIX}/oauth/register`,
|
|
@@ -718,14 +993,15 @@ class MCPServerService {
|
|
|
718
993
|
return `${prefix}-${Date.now()}-${Math.random().toString(36).substring(2, 11)}`;
|
|
719
994
|
}
|
|
720
995
|
/**
|
|
721
|
-
|
|
722
|
-
|
|
996
|
+
* Strict access control for /api/mcp — returns false on catch (no config = no access)
|
|
997
|
+
*/
|
|
723
998
|
canAccessToolStrict(toolName, apiKey) {
|
|
724
999
|
// User API Keys aren't in CLIENT_CONFIGS — apply permissive access (non-NUCLEAR)
|
|
725
1000
|
if (apiKey.startsWith('userapikey_')) {
|
|
726
1001
|
const tool = this.toolRegistry.getTool(toolName);
|
|
727
|
-
if (!tool)
|
|
1002
|
+
if (!tool) {
|
|
728
1003
|
return false;
|
|
1004
|
+
}
|
|
729
1005
|
if (tool.group === tool_registry_1.ToolGroup.NUCLEAR && !config_1.environment.ENABLE_NUCLEAR_TOOLS) {
|
|
730
1006
|
return false;
|
|
731
1007
|
}
|
|
@@ -747,8 +1023,8 @@ class MCPServerService {
|
|
|
747
1023
|
}
|
|
748
1024
|
}
|
|
749
1025
|
/**
|
|
750
|
-
|
|
751
|
-
|
|
1026
|
+
* Permissive access control for Cowork — allows non-NUCLEAR tools on catch (OAuth sessions)
|
|
1027
|
+
*/
|
|
752
1028
|
canAccessToolPermissive(toolName, apiKey) {
|
|
753
1029
|
try {
|
|
754
1030
|
const agentConfig = this.appConfig.getClientConfig(apiKey);
|
|
@@ -763,8 +1039,9 @@ class MCPServerService {
|
|
|
763
1039
|
}
|
|
764
1040
|
catch {
|
|
765
1041
|
const tool = this.toolRegistry.getTool(toolName);
|
|
766
|
-
if (!tool)
|
|
1042
|
+
if (!tool) {
|
|
767
1043
|
return false;
|
|
1044
|
+
}
|
|
768
1045
|
if (tool.group === tool_registry_1.ToolGroup.NUCLEAR && !config_1.environment.ENABLE_NUCLEAR_TOOLS) {
|
|
769
1046
|
return false;
|
|
770
1047
|
}
|
|
@@ -772,9 +1049,53 @@ class MCPServerService {
|
|
|
772
1049
|
}
|
|
773
1050
|
}
|
|
774
1051
|
/**
|
|
775
|
-
|
|
776
|
-
|
|
777
|
-
|
|
1052
|
+
* Resolve the connection's tool profile: explicit route override first,
|
|
1053
|
+
* else the session-tracked profile assigned at MCP initialize (clientInfo).
|
|
1054
|
+
*/
|
|
1055
|
+
resolveSessionProfile(req, routeProfile) {
|
|
1056
|
+
if (routeProfile) {
|
|
1057
|
+
return routeProfile;
|
|
1058
|
+
}
|
|
1059
|
+
const sessionHeader = req.headers['mcp-session-id'];
|
|
1060
|
+
const sessionId = Array.isArray(sessionHeader) ? sessionHeader[0] : sessionHeader;
|
|
1061
|
+
if (!sessionId) {
|
|
1062
|
+
return undefined;
|
|
1063
|
+
}
|
|
1064
|
+
const entry = this.mcpClientProfiles.get(sessionId);
|
|
1065
|
+
if (entry && Date.now() - entry.ts < MCPServerService.PROFILE_TTL_MS) {
|
|
1066
|
+
return entry.profile;
|
|
1067
|
+
}
|
|
1068
|
+
return undefined;
|
|
1069
|
+
}
|
|
1070
|
+
/**
|
|
1071
|
+
* Profile enforcement for tools/call. An explicit route/clientInfo profile
|
|
1072
|
+
* always governs. Otherwise per-account allowedTools/allowedGroups config
|
|
1073
|
+
* takes precedence (already enforced by canAccessToolStrict/Permissive);
|
|
1074
|
+
* keys without explicit config fall back to the server's default profile.
|
|
1075
|
+
*/
|
|
1076
|
+
canAccessToolForProfile(toolName, apiKey, explicitProfile) {
|
|
1077
|
+
const tool = this.toolRegistry.getTool(toolName);
|
|
1078
|
+
if (!tool) {
|
|
1079
|
+
return false;
|
|
1080
|
+
}
|
|
1081
|
+
if (explicitProfile) {
|
|
1082
|
+
return (0, tool_profiles_1.isToolAllowedForProfile)(explicitProfile, tool);
|
|
1083
|
+
}
|
|
1084
|
+
try {
|
|
1085
|
+
const agentConfig = this.appConfig.getClientConfig(apiKey);
|
|
1086
|
+
if (agentConfig.allowedTools || agentConfig.allowedGroups) {
|
|
1087
|
+
return true;
|
|
1088
|
+
}
|
|
1089
|
+
}
|
|
1090
|
+
catch {
|
|
1091
|
+
// No per-account config — default profile governs
|
|
1092
|
+
}
|
|
1093
|
+
return (0, tool_profiles_1.isToolAllowedForProfile)(config_1.environment.MCP_DEFAULT_PROFILE, tool);
|
|
1094
|
+
}
|
|
1095
|
+
/**
|
|
1096
|
+
* Cowork MCP JSON-RPC handler for /api/cowork/mcp (OAuth multi-user).
|
|
1097
|
+
* Permissive access control, contextType filter, OAuth 401 flow.
|
|
1098
|
+
*/
|
|
778
1099
|
async handleCoworkMcp(req, res, options) {
|
|
779
1100
|
req.logger.debug(`${options.label} MCP request received`, { method: req.body?.method });
|
|
780
1101
|
try {
|
|
@@ -805,12 +1126,10 @@ class MCPServerService {
|
|
|
805
1126
|
}
|
|
806
1127
|
}
|
|
807
1128
|
if (!filterConfig) {
|
|
808
|
-
filterConfig =
|
|
809
|
-
|
|
810
|
-
};
|
|
811
|
-
req.logger.debug('Using default tool filter (excludes NUCLEAR)');
|
|
1129
|
+
filterConfig = (0, tool_profiles_1.profileFilterConfig)(config_1.environment.MCP_DEFAULT_PROFILE);
|
|
1130
|
+
req.logger.debug('Using default profile tool filter', { profile: config_1.environment.MCP_DEFAULT_PROFILE });
|
|
812
1131
|
}
|
|
813
|
-
|
|
1132
|
+
if (filterConfig.allowedGroups) {
|
|
814
1133
|
filterConfig.allowedGroups = filterConfig.allowedGroups.filter(g => (config_1.environment.ENABLE_NUCLEAR_TOOLS || g !== tool_registry_1.ToolGroup.NUCLEAR));
|
|
815
1134
|
}
|
|
816
1135
|
result = {
|
|
@@ -847,6 +1166,11 @@ class MCPServerService {
|
|
|
847
1166
|
if (!this.canAccessToolPermissive(name, apiKey)) {
|
|
848
1167
|
return this.sendMcpError(res, mcpRequest.id, -32603, `Access denied to tool: ${name}`, 403);
|
|
849
1168
|
}
|
|
1169
|
+
// Profile enforcement — Cowork has no route/clientInfo profile, so
|
|
1170
|
+
// per-account config governs, else the default profile
|
|
1171
|
+
if (!this.canAccessToolForProfile(name, apiKey)) {
|
|
1172
|
+
return this.sendMcpError(res, mcpRequest.id, -32603, `Tool not available in this connection's profile: ${name}`, 403);
|
|
1173
|
+
}
|
|
850
1174
|
if (contextType === 'none') {
|
|
851
1175
|
return this.sendMcpError(res, mcpRequest.id, -32602, `Tool not found: ${name}`, 404);
|
|
852
1176
|
}
|
|
@@ -894,8 +1218,8 @@ class MCPServerService {
|
|
|
894
1218
|
}
|
|
895
1219
|
}
|
|
896
1220
|
/**
|
|
897
|
-
|
|
898
|
-
|
|
1221
|
+
* Send MCP success response via SSE
|
|
1222
|
+
*/
|
|
899
1223
|
sendMcpResult(res, id, result) {
|
|
900
1224
|
const response = { jsonrpc: '2.0', result, id };
|
|
901
1225
|
res.setHeader('Content-Type', 'text/event-stream');
|
|
@@ -905,8 +1229,8 @@ class MCPServerService {
|
|
|
905
1229
|
res.end();
|
|
906
1230
|
}
|
|
907
1231
|
/**
|
|
908
|
-
|
|
909
|
-
|
|
1232
|
+
* Send MCP error response
|
|
1233
|
+
*/
|
|
910
1234
|
sendMcpError(res, id, code, message, httpStatus) {
|
|
911
1235
|
const errorResponse = {
|
|
912
1236
|
jsonrpc: '2.0',
|