@inso_web/els-mcp 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +42 -37
- package/dist/audit/prisma.d.ts +9 -2
- package/dist/audit/prisma.d.ts.map +1 -1
- package/dist/audit/prisma.js +2 -2
- package/dist/audit/prisma.js.map +1 -1
- package/dist/audit/service.d.ts.map +1 -1
- package/dist/audit/service.js +4 -3
- package/dist/audit/service.js.map +1 -1
- package/dist/audit/verify.d.ts +55 -0
- package/dist/audit/verify.d.ts.map +1 -0
- package/dist/audit/verify.js +131 -0
- package/dist/audit/verify.js.map +1 -0
- package/dist/billing/limits.d.ts +14 -3
- package/dist/billing/limits.d.ts.map +1 -1
- package/dist/billing/limits.js +30 -3
- package/dist/billing/limits.js.map +1 -1
- package/dist/billing/tracker.d.ts +11 -3
- package/dist/billing/tracker.d.ts.map +1 -1
- package/dist/billing/tracker.js +38 -4
- package/dist/billing/tracker.js.map +1 -1
- package/dist/cache/types.d.ts +8 -8
- package/dist/cache/types.d.ts.map +1 -1
- package/dist/cache/types.js +7 -7
- package/dist/cache/wrapper.js +1 -1
- package/dist/cli.js +52 -7
- package/dist/cli.js.map +1 -1
- package/dist/config.d.ts +19 -4
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +26 -12
- package/dist/config.js.map +1 -1
- package/dist/elsClient.js +6 -6
- package/dist/elsClient.js.map +1 -1
- package/dist/http/app.d.ts +5 -2
- package/dist/http/app.d.ts.map +1 -1
- package/dist/http/app.js +12 -7
- package/dist/http/app.js.map +1 -1
- package/dist/http/lkResolver.d.ts +60 -0
- package/dist/http/lkResolver.d.ts.map +1 -0
- package/dist/http/lkResolver.js +194 -0
- package/dist/http/lkResolver.js.map +1 -0
- package/dist/http/middleware/auth.d.ts +3 -0
- package/dist/http/middleware/auth.d.ts.map +1 -1
- package/dist/http/middleware/auth.js +28 -12
- package/dist/http/middleware/auth.js.map +1 -1
- package/dist/http/middleware/dcrRateLimit.d.ts +2 -2
- package/dist/http/middleware/errorHandler.d.ts +1 -1
- package/dist/http/middleware/errorHandler.js +1 -1
- package/dist/http/middleware/originGuard.d.ts +1 -1
- package/dist/http/middleware/requestId.d.ts +1 -1
- package/dist/http/routes/health.js +1 -1
- package/dist/http/routes/health.js.map +1 -1
- package/dist/http/routes/metrics.d.ts +2 -4
- package/dist/http/routes/metrics.d.ts.map +1 -1
- package/dist/http/routes/metrics.js +2 -4
- package/dist/http/routes/metrics.js.map +1 -1
- package/dist/http/types.d.ts +9 -3
- package/dist/http/types.d.ts.map +1 -1
- package/dist/instrumentation.d.ts +3 -3
- package/dist/instrumentation.js +3 -3
- package/dist/lib/cursor.d.ts +1 -1
- package/dist/lib/cursor.js +3 -3
- package/dist/lib/errors.d.ts +5 -3
- package/dist/lib/errors.d.ts.map +1 -1
- package/dist/lib/errors.js.map +1 -1
- package/dist/middleware/withMiddleware.d.ts +11 -9
- package/dist/middleware/withMiddleware.d.ts.map +1 -1
- package/dist/middleware/withMiddleware.js +64 -11
- package/dist/middleware/withMiddleware.js.map +1 -1
- package/dist/observability/health.d.ts +2 -2
- package/dist/observability/logger.d.ts +1 -1
- package/dist/observability/tracing.d.ts +2 -2
- package/dist/prompts/index.d.ts +2 -2
- package/dist/prompts/index.js +1 -1
- package/dist/redaction/promptInjection.d.ts +2 -5
- package/dist/redaction/promptInjection.d.ts.map +1 -1
- package/dist/redaction/promptInjection.js +3 -6
- package/dist/redaction/promptInjection.js.map +1 -1
- package/dist/redaction/userAgent.d.ts +1 -1
- package/dist/redaction/userAgent.js +1 -1
- package/dist/resources/index.d.ts +3 -3
- package/dist/resources/index.js +4 -4
- package/dist/resources/index.js.map +1 -1
- package/dist/server.d.ts +5 -5
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +1 -1
- package/dist/server.js.map +1 -1
- package/dist/tools/errorHeatmap.js +1 -1
- package/dist/tools/errorHeatmap.js.map +1 -1
- package/dist/tools/errorStatsBreakdown.d.ts +5 -4
- package/dist/tools/errorStatsBreakdown.d.ts.map +1 -1
- package/dist/tools/errorStatsBreakdown.js +7 -6
- package/dist/tools/errorStatsBreakdown.js.map +1 -1
- package/dist/tools/errorsInSession.d.ts +1 -1
- package/dist/tools/errorsInSession.js +1 -1
- package/dist/tools/explainError.d.ts +5 -5
- package/dist/tools/explainError.js +9 -9
- package/dist/tools/explainError.js.map +1 -1
- package/dist/tools/groupedErrors.d.ts +2 -2
- package/dist/tools/groupedErrors.js +2 -2
- package/dist/tools/impactAnalysis.d.ts +1 -1
- package/dist/tools/impactAnalysis.js +1 -1
- package/dist/tools/index.d.ts +5 -5
- package/dist/tools/index.d.ts.map +1 -1
- package/dist/tools/index.js +4 -4
- package/dist/tools/index.js.map +1 -1
- package/dist/tools/listApps.d.ts +4 -4
- package/dist/tools/listApps.js +4 -4
- package/dist/tools/searchLogs.js +2 -2
- package/dist/transports/http-server.d.ts +2 -1
- package/dist/transports/http-server.d.ts.map +1 -1
- package/dist/transports/http-server.js +42 -2
- package/dist/transports/http-server.js.map +1 -1
- package/dist/transports/http.d.ts +8 -4
- package/dist/transports/http.d.ts.map +1 -1
- package/dist/transports/http.js +13 -9
- package/dist/transports/http.js.map +1 -1
- package/dist/transports/stdio.d.ts +1 -1
- package/dist/transports/stdio.js +1 -1
- package/dist/types.d.ts +8 -9
- package/dist/types.d.ts.map +1 -1
- package/package.json +2 -1
|
@@ -1,16 +1,14 @@
|
|
|
1
1
|
import { getMetricsContentType, getMetricsText } from '../../observability/metrics.js';
|
|
2
2
|
import { checkLiveness, checkReadiness } from '../../observability/health.js';
|
|
3
3
|
/**
|
|
4
|
-
* Lightweight HTTP handlers для Express-like
|
|
4
|
+
* Lightweight HTTP handlers для Express-like транспорта.
|
|
5
5
|
*
|
|
6
6
|
* Каждый handler — `(req, res) => Promise<void>` (совместимо с Node http
|
|
7
|
-
* и Express `(req, res, next?)`).
|
|
7
|
+
* и Express `(req, res, next?)`). Используются так:
|
|
8
8
|
*
|
|
9
9
|
* app.get('/els/metrics', metricsHandler);
|
|
10
10
|
* app.get('/els/healthz', healthzHandler);
|
|
11
11
|
* app.get('/els/readyz', readyzHandler(deps));
|
|
12
|
-
*
|
|
13
|
-
* Phase 4 предоставляет реализацию; Phase 3 — wiring.
|
|
14
12
|
*/
|
|
15
13
|
export async function metricsHandler(_req, res) {
|
|
16
14
|
try {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"metrics.js","sourceRoot":"","sources":["../../../src/http/routes/metrics.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,qBAAqB,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AACvF,OAAO,EAAE,aAAa,EAAE,cAAc,EAAsB,MAAM,+BAA+B,CAAC;AAElG
|
|
1
|
+
{"version":3,"file":"metrics.js","sourceRoot":"","sources":["../../../src/http/routes/metrics.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,qBAAqB,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AACvF,OAAO,EAAE,aAAa,EAAE,cAAc,EAAsB,MAAM,+BAA+B,CAAC;AAElG;;;;;;;;;GASG;AAEH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,IAAqB,EACrB,GAAmB;IAEnB,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,cAAc,EAAE,CAAC;QACpC,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;QACrB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,qBAAqB,EAAE,CAAC,CAAC;QACvD,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAChB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;QACrB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,2BAA2B,CAAC,CAAC;QAC3D,GAAG,CAAC,GAAG,CAAC,oBAAqB,GAAa,CAAC,OAAO,IAAI,CAAC,CAAC;IAC1D,CAAC;AACH,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,IAAqB,EAAE,GAAmB;IACvE,MAAM,IAAI,GAAG,aAAa,EAAE,CAAC;IAC7B,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;IACrB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;IAClD,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;AAChC,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,IAAmB;IAC/C,OAAO,KAAK,EAAE,IAAqB,EAAE,GAAmB,EAAiB,EAAE;QACzE,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,CAAC;QAC1C,GAAG,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,KAAK,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;QACvD,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;QAClD,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;IAClC,CAAC,CAAC;AACJ,CAAC"}
|
package/dist/http/types.d.ts
CHANGED
|
@@ -16,11 +16,17 @@ export interface RequestContext {
|
|
|
16
16
|
/** Только для `oidc`: scope claim (raw array). */
|
|
17
17
|
scopes?: string[];
|
|
18
18
|
/**
|
|
19
|
-
*
|
|
20
|
-
* `unknown` (
|
|
21
|
-
* из
|
|
19
|
+
* Основной (default) slug приложения, к которому привязан этот запрос. Для
|
|
20
|
+
* `els-key` пока `unknown` (резолвится ELS upstream); для `oidc` — берётся
|
|
21
|
+
* либо из LK resolver, либо fallback на MCP_OIDC_DEMO_APP_SLUG.
|
|
22
22
|
*/
|
|
23
23
|
appSlug: string;
|
|
24
|
+
/**
|
|
25
|
+
* Полный список доступных пользователю apps (только для `oidc`).
|
|
26
|
+
* Если у пользователя более одного app — tool принимает optional
|
|
27
|
+
* `appSlug` параметр; иначе используется первый из списка (`appSlug`).
|
|
28
|
+
*/
|
|
29
|
+
availableApps?: string[];
|
|
24
30
|
/** Короткий identifier для логов: первые 8 chars ELS-key или OIDC sub. */
|
|
25
31
|
keyId: string;
|
|
26
32
|
ip: string;
|
package/dist/http/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/http/types.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,MAAM,CAAC;AAE5C,MAAM,WAAW,cAAc;IAC7B,8DAA8D;IAC9D,UAAU,EAAE,UAAU,CAAC;IACvB,8EAA8E;IAC9E,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,6CAA6C;IAC7C,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kDAAkD;IAClD,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB;;;;OAIG;IACH,OAAO,EAAE,MAAM,CAAC;IAChB,0EAA0E;IAC1E,KAAK,EAAE,MAAM,CAAC;IACd,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,+CAA+C;IAC/C,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,kDAAkD;IAClD,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,OAAO,QAAQ,2BAA2B,CAAC;IACzC,UAAU,OAAO;QACf,OAAO,CAAC,EAAE,cAAc,CAAC;QACzB,2EAA2E;QAC3E,GAAG,CAAC,EAAE,OAAO,MAAM,EAAE,MAAM,CAAC;KAC7B;CACF"}
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/http/types.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,MAAM,CAAC;AAE5C,MAAM,WAAW,cAAc;IAC7B,8DAA8D;IAC9D,UAAU,EAAE,UAAU,CAAC;IACvB,8EAA8E;IAC9E,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,6CAA6C;IAC7C,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kDAAkD;IAClD,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB;;;;OAIG;IACH,OAAO,EAAE,MAAM,CAAC;IAChB;;;;OAIG;IACH,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,0EAA0E;IAC1E,KAAK,EAAE,MAAM,CAAC;IACd,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,+CAA+C;IAC/C,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,kDAAkD;IAClD,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,OAAO,QAAQ,2BAA2B,CAAC;IACzC,UAAU,OAAO;QACf,OAAO,CAAC,EAAE,cAAc,CAAC;QACzB,2EAA2E;QAC3E,GAAG,CAAC,EAAE,OAAO,MAAM,EAAE,MAAM,CAAC;KAC7B;CACF"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
/**
|
|
2
|
-
*
|
|
2
|
+
* OpenTelemetry instrumentation entry-point.
|
|
3
3
|
*
|
|
4
4
|
* Этот файл должен импортироваться **первым** в `cli.ts` (до любых других
|
|
5
5
|
* модулей, которые делают `import` HTTP/Redis-клиентов). OTel SDK
|
|
@@ -9,8 +9,8 @@
|
|
|
9
9
|
* Если `OTEL_EXPORTER_OTLP_ENDPOINT` не задан — функция возвращает no-op
|
|
10
10
|
* handle (tracing disabled, нулевой overhead).
|
|
11
11
|
*
|
|
12
|
-
*
|
|
13
|
-
*
|
|
12
|
+
* Делегирует основную настройку SDK в `observability/tracing.ts` — здесь
|
|
13
|
+
* мы только обеспечиваем "earliest possible" entry-point.
|
|
14
14
|
*/
|
|
15
15
|
import { type TracingHandle } from './observability/tracing.js';
|
|
16
16
|
/**
|
package/dist/instrumentation.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
/**
|
|
2
|
-
*
|
|
2
|
+
* OpenTelemetry instrumentation entry-point.
|
|
3
3
|
*
|
|
4
4
|
* Этот файл должен импортироваться **первым** в `cli.ts` (до любых других
|
|
5
5
|
* модулей, которые делают `import` HTTP/Redis-клиентов). OTel SDK
|
|
@@ -9,8 +9,8 @@
|
|
|
9
9
|
* Если `OTEL_EXPORTER_OTLP_ENDPOINT` не задан — функция возвращает no-op
|
|
10
10
|
* handle (tracing disabled, нулевой overhead).
|
|
11
11
|
*
|
|
12
|
-
*
|
|
13
|
-
*
|
|
12
|
+
* Делегирует основную настройку SDK в `observability/tracing.ts` — здесь
|
|
13
|
+
* мы только обеспечиваем "earliest possible" entry-point.
|
|
14
14
|
*/
|
|
15
15
|
import { setupTracing } from './observability/tracing.js';
|
|
16
16
|
let handle = null;
|
package/dist/lib/cursor.d.ts
CHANGED
|
@@ -5,7 +5,7 @@ export declare function hashFilters(filters: unknown): string;
|
|
|
5
5
|
*
|
|
6
6
|
* @param anchor — последний item текущей страницы (или null если страница пуста).
|
|
7
7
|
* @param filters — объект текущих фильтров для подсчёта hash.
|
|
8
|
-
* @param nextPage —
|
|
8
|
+
* @param nextPage — следующий номер страницы для offset-pagination.
|
|
9
9
|
* @param limit — page size.
|
|
10
10
|
*/
|
|
11
11
|
export declare function encodeCursor(anchor: {
|
package/dist/lib/cursor.js
CHANGED
|
@@ -3,8 +3,8 @@ import { ToolError } from './errors.js';
|
|
|
3
3
|
/**
|
|
4
4
|
* Seek-cursor utilities.
|
|
5
5
|
*
|
|
6
|
-
*
|
|
7
|
-
* Реальный seek-by-(receivedAt, id) появится
|
|
6
|
+
* Transitional: cursor wraps offset/page (т.к. ELS пока offset-based).
|
|
7
|
+
* Реальный seek-by-(receivedAt, id) появится после изменения ELS API.
|
|
8
8
|
* До этого момента:
|
|
9
9
|
* - `encodeCursor` берёт последний item страницы как anchor, и сохраняет
|
|
10
10
|
* page/limit для offset-pagination upstream;
|
|
@@ -41,7 +41,7 @@ export function hashFilters(filters) {
|
|
|
41
41
|
*
|
|
42
42
|
* @param anchor — последний item текущей страницы (или null если страница пуста).
|
|
43
43
|
* @param filters — объект текущих фильтров для подсчёта hash.
|
|
44
|
-
* @param nextPage —
|
|
44
|
+
* @param nextPage — следующий номер страницы для offset-pagination.
|
|
45
45
|
* @param limit — page size.
|
|
46
46
|
*/
|
|
47
47
|
export function encodeCursor(anchor, filters, nextPage, limit) {
|
package/dist/lib/errors.d.ts
CHANGED
|
@@ -5,16 +5,18 @@
|
|
|
5
5
|
* { isError: true, content: [{ type: 'text', text: <msg> }],
|
|
6
6
|
* _meta: { code, retryAfter?, suggestedAction? } }
|
|
7
7
|
*
|
|
8
|
-
*
|
|
8
|
+
* Коды:
|
|
9
9
|
* - RATE_LIMITED — 429 от ELS
|
|
10
10
|
* - UPSTREAM_UNAVAILABLE — 5xx от ELS (после retry)
|
|
11
11
|
* - INVALID_ARGS — 400 от ELS, либо локальная валидация
|
|
12
12
|
* - NOT_FOUND — 404 (отсутствует traceId, app и т.д.)
|
|
13
13
|
* - INSUFFICIENT_SCOPE — 403 от ELS
|
|
14
|
-
* - QUOTA_EXCEEDED —
|
|
14
|
+
* - QUOTA_EXCEEDED — generic квота (legacy)
|
|
15
|
+
* - TIER_QUOTA_EXCEEDED — основной дневной лимит tier'а
|
|
16
|
+
* - AI_QUOTA_EXCEEDED — отдельная AI-квота для AI-tools
|
|
15
17
|
* - INTERNAL — fallback для непредвиденных ситуаций
|
|
16
18
|
*/
|
|
17
|
-
export type ToolErrorCode = 'RATE_LIMITED' | 'UPSTREAM_UNAVAILABLE' | 'INVALID_ARGS' | 'NOT_FOUND' | 'INSUFFICIENT_SCOPE' | 'QUOTA_EXCEEDED' | 'TIER_QUOTA_EXCEEDED' | 'INTERNAL';
|
|
19
|
+
export type ToolErrorCode = 'RATE_LIMITED' | 'UPSTREAM_UNAVAILABLE' | 'INVALID_ARGS' | 'NOT_FOUND' | 'INSUFFICIENT_SCOPE' | 'QUOTA_EXCEEDED' | 'TIER_QUOTA_EXCEEDED' | 'AI_QUOTA_EXCEEDED' | 'INTERNAL';
|
|
18
20
|
export declare class ToolError extends Error {
|
|
19
21
|
readonly code: ToolErrorCode;
|
|
20
22
|
readonly retryAfter?: number;
|
package/dist/lib/errors.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/lib/errors.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/lib/errors.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,MAAM,aAAa,GACrB,cAAc,GACd,sBAAsB,GACtB,cAAc,GACd,WAAW,GACX,oBAAoB,GACpB,gBAAgB,GAChB,qBAAqB,GACrB,mBAAmB,GACnB,UAAU,CAAC;AAEf,qBAAa,SAAU,SAAQ,KAAK;IAClC,SAAgB,IAAI,EAAE,aAAa,CAAC;IACpC,SAAgB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpC,SAAgB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzC,SAAgB,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;gBAG7C,IAAI,EAAE,aAAa,EACnB,OAAO,EAAE,MAAM,EACf,OAAO,GAAE;QACP,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,eAAe,CAAC,EAAE,MAAM,CAAC;QACzB,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAC/B,KAAK,CAAC,EAAE,OAAO,CAAC;KACZ;IAcR;;OAEG;IACH,YAAY,IAAI;QACd,OAAO,EAAE,IAAI,CAAC;QACd,OAAO,EAAE,KAAK,CAAC;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAC/C,iBAAiB,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAC3C,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;KAChC;CAaF;AAED;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAChC,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,OAAO,EACb,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,GAC/B,SAAS,CA4CX"}
|
package/dist/lib/errors.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../src/lib/errors.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../src/lib/errors.ts"],"names":[],"mappings":"AA6BA,MAAM,OAAO,SAAU,SAAQ,KAAK;IAClB,IAAI,CAAgB;IACpB,UAAU,CAAU;IACpB,eAAe,CAAU;IACzB,IAAI,CAA2B;IAE/C,YACE,IAAmB,EACnB,OAAe,EACf,UAKI,EAAE;QAEN,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;QACxB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,OAAO,OAAO,CAAC,UAAU,KAAK,QAAQ;YAAE,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;QACjF,IAAI,OAAO,CAAC,eAAe;YAAE,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,eAAe,CAAC;QAC5E,IAAI,OAAO,CAAC,IAAI;YAAE,IAAI,CAAC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;QAC3C,IAAI,OAAO,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;YAChC,qDAAqD;YACpD,IAAoC,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;QAC9D,CAAC;IACH,CAAC;IAED;;OAEG;IACH,YAAY;QAMV,MAAM,KAAK,GAA4B,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC;QAC3D,IAAI,OAAO,IAAI,CAAC,UAAU,KAAK,QAAQ;YAAE,KAAK,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;QAC5E,IAAI,IAAI,CAAC,eAAe;YAAE,KAAK,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC;QACvE,IAAI,IAAI,CAAC,IAAI;YAAE,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;QAE/C,OAAO;YACL,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC;YACnE,iBAAiB,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,EAAE;YACnF,KAAK;SACN,CAAC;IACJ,CAAC;CACF;AAED;;;;;GAKG;AACH,MAAM,UAAU,kBAAkB,CAChC,MAAc,EACd,IAAa,EACb,gBAAgC;IAEhC,MAAM,OAAO,GAAG,IAA+D,CAAC;IAChF,MAAM,eAAe,GACnB,CAAC,OAAO,OAAO,EAAE,OAAO,KAAK,QAAQ,IAAI,OAAO,CAAC,OAAO,CAAC;QACzD,CAAC,OAAO,OAAO,EAAE,KAAK,KAAK,QAAQ,IAAI,OAAO,CAAC,KAAK,CAAC;QACrD,yBAAyB,MAAM,EAAE,CAAC;IAEpC,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;QACnB,MAAM,UAAU,GAAG,gBAAgB,CAAC,CAAC,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAC3E,OAAO,IAAI,SAAS,CAAC,cAAc,EAAE,eAAe,EAAE;YACpD,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE;YACzD,eAAe,EAAE,uDAAuD;SACzE,CAAC,CAAC;IACL,CAAC;IAED,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;QACnB,OAAO,IAAI,SAAS,CAAC,WAAW,EAAE,eAAe,CAAC,CAAC;IACrD,CAAC;IAED,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;QACnB,OAAO,IAAI,SAAS,CAAC,oBAAoB,EAAE,eAAe,EAAE;YAC1D,eAAe,EAAE,8DAA8D;SAChF,CAAC,CAAC;IACL,CAAC;IAED,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;QACnB,OAAO,IAAI,SAAS,CAAC,oBAAoB,EAAE,iBAAiB,eAAe,EAAE,EAAE;YAC7E,eAAe,EAAE,4BAA4B;SAC9C,CAAC,CAAC;IACL,CAAC;IAED,IAAI,MAAM,IAAI,GAAG,IAAI,MAAM,GAAG,GAAG,EAAE,CAAC;QAClC,OAAO,IAAI,SAAS,CAAC,cAAc,EAAE,eAAe,EAAE,EAAE,IAAI,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;IAC9E,CAAC;IAED,IAAI,MAAM,IAAI,GAAG,EAAE,CAAC;QAClB,OAAO,IAAI,SAAS,CAAC,sBAAsB,EAAE,eAAe,EAAE;YAC5D,UAAU,EAAE,CAAC;YACb,eAAe,EAAE,8DAA8D;YAC/E,IAAI,EAAE,EAAE,MAAM,EAAE;SACjB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,IAAI,SAAS,CAAC,UAAU,EAAE,eAAe,EAAE,EAAE,IAAI,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;AAC1E,CAAC"}
|
|
@@ -1,21 +1,21 @@
|
|
|
1
1
|
/**
|
|
2
|
-
*
|
|
2
|
+
* Tool-handler middleware:
|
|
3
3
|
* 1. Quota check (`checkQuota`) перед основным запросом.
|
|
4
|
-
* 2.
|
|
5
|
-
* 3.
|
|
4
|
+
* 2. AI quota check (`checkAiQuota`) для AI-tools (см. `isAiTool`).
|
|
5
|
+
* 3. Audit log + usage tracker (fire-and-forget) после.
|
|
6
|
+
* 4. Redaction items в response (если ENV redactionEnabled = true).
|
|
7
|
+
* 5. Prometheus метрики (`mcp_requests_total`, `mcp_request_duration_seconds`,
|
|
8
|
+
* `mcp_errors_total`, `mcp_auth_rejections_total`).
|
|
6
9
|
*
|
|
7
10
|
* Не вносит изменений в существующие tool handlers — оборачивает их в
|
|
8
|
-
* registry.
|
|
9
|
-
* боясь merge conflicts.
|
|
10
|
-
*
|
|
11
|
-
* См. todo/error-logs-service/mcp/06-security.md §2.4, §3, 08-billing-integration.md §2.
|
|
11
|
+
* registry.
|
|
12
12
|
*/
|
|
13
13
|
import type { Logger } from 'pino';
|
|
14
14
|
import type { ToolResult } from '../types.js';
|
|
15
15
|
import { type RedactionConfig } from '../redaction/index.js';
|
|
16
16
|
import { type AuditService } from '../audit/service.js';
|
|
17
17
|
import { type UsageTracker } from '../billing/tracker.js';
|
|
18
|
-
import type
|
|
18
|
+
import { type Tier, type QuotaDecision } from '../billing/limits.js';
|
|
19
19
|
export interface ToolContext {
|
|
20
20
|
/** Текущий app (из API-key / OAuth claim / config.defaultAppId). */
|
|
21
21
|
appId: string;
|
|
@@ -34,8 +34,10 @@ export interface MiddlewareDeps {
|
|
|
34
34
|
audit?: AuditService;
|
|
35
35
|
usage?: UsageTracker;
|
|
36
36
|
redactionConfig?: RedactionConfig;
|
|
37
|
-
/**
|
|
37
|
+
/** Опциональный override основной (per-day) quota check; default — usage tracker. */
|
|
38
38
|
quotaCheck?: (ctx: ToolContext) => Promise<QuotaDecision>;
|
|
39
|
+
/** Опциональный override AI-quota check (используется только для AI-tools). */
|
|
40
|
+
aiQuotaCheck?: (ctx: ToolContext) => Promise<QuotaDecision>;
|
|
39
41
|
}
|
|
40
42
|
type AnyArgs = Record<string, unknown>;
|
|
41
43
|
type Handler<TArgs extends AnyArgs, TClient> = (args: TArgs, client: TClient) => Promise<ToolResult>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"withMiddleware.d.ts","sourceRoot":"","sources":["../../src/middleware/withMiddleware.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,MAAM,CAAC;AAEnC,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAgC,KAAK,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAC3F,OAAO,EAAmB,KAAK,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACzE,OAAO,EAAmB,KAAK,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAC3E,OAAO,KAAK,
|
|
1
|
+
{"version":3,"file":"withMiddleware.d.ts","sourceRoot":"","sources":["../../src/middleware/withMiddleware.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,MAAM,CAAC;AAEnC,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAgC,KAAK,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAC3F,OAAO,EAAmB,KAAK,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACzE,OAAO,EAAmB,KAAK,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAC3E,OAAO,EAAY,KAAK,IAAI,EAAE,KAAK,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAO/E,MAAM,WAAW,WAAW;IAC1B,oEAAoE;IACpE,KAAK,EAAE,MAAM,CAAC;IACd,gCAAgC;IAChC,KAAK,EAAE,MAAM,CAAC;IACd,4BAA4B;IAC5B,IAAI,EAAE,IAAI,CAAC;IACX,uBAAuB;IACvB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,gEAAgE;IAChE,EAAE,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC3B;AAED,MAAM,WAAW,cAAc;IAC7B,KAAK,CAAC,EAAE,YAAY,CAAC;IACrB,KAAK,CAAC,EAAE,YAAY,CAAC;IACrB,eAAe,CAAC,EAAE,eAAe,CAAC;IAClC,qFAAqF;IACrF,UAAU,CAAC,EAAE,CAAC,GAAG,EAAE,WAAW,KAAK,OAAO,CAAC,aAAa,CAAC,CAAC;IAC1D,+EAA+E;IAC/E,YAAY,CAAC,EAAE,CAAC,GAAG,EAAE,WAAW,KAAK,OAAO,CAAC,aAAa,CAAC,CAAC;CAC7D;AAED,KAAK,OAAO,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AACvC,KAAK,OAAO,CAAC,KAAK,SAAS,OAAO,EAAE,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,KAAK,OAAO,CAAC,UAAU,CAAC,CAAC;AAErG;;;;;;;;GAQG;AACH,wBAAgB,cAAc,CAAC,KAAK,SAAS,OAAO,EAAE,OAAO,EAC3D,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,EAChC,UAAU,EAAE,CAAC,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,KAAK,WAAW,EACzD,IAAI,GAAE,cAAmB,GACxB,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,CA+KzB"}
|
|
@@ -1,19 +1,21 @@
|
|
|
1
1
|
/**
|
|
2
|
-
*
|
|
2
|
+
* Tool-handler middleware:
|
|
3
3
|
* 1. Quota check (`checkQuota`) перед основным запросом.
|
|
4
|
-
* 2.
|
|
5
|
-
* 3.
|
|
4
|
+
* 2. AI quota check (`checkAiQuota`) для AI-tools (см. `isAiTool`).
|
|
5
|
+
* 3. Audit log + usage tracker (fire-and-forget) после.
|
|
6
|
+
* 4. Redaction items в response (если ENV redactionEnabled = true).
|
|
7
|
+
* 5. Prometheus метрики (`mcp_requests_total`, `mcp_request_duration_seconds`,
|
|
8
|
+
* `mcp_errors_total`, `mcp_auth_rejections_total`).
|
|
6
9
|
*
|
|
7
10
|
* Не вносит изменений в существующие tool handlers — оборачивает их в
|
|
8
|
-
* registry.
|
|
9
|
-
* боясь merge conflicts.
|
|
10
|
-
*
|
|
11
|
-
* См. todo/error-logs-service/mcp/06-security.md §2.4, §3, 08-billing-integration.md §2.
|
|
11
|
+
* registry.
|
|
12
12
|
*/
|
|
13
13
|
import { ToolError } from '../lib/errors.js';
|
|
14
14
|
import { redactErrorLogs, redactValue } from '../redaction/index.js';
|
|
15
15
|
import { getAuditService } from '../audit/service.js';
|
|
16
16
|
import { getUsageTracker } from '../billing/tracker.js';
|
|
17
|
+
import { isAiTool } from '../billing/limits.js';
|
|
18
|
+
import { recordToolRequest, recordToolError, recordAuthRejection, } from '../observability/metrics.js';
|
|
17
19
|
/**
|
|
18
20
|
* Оборачивает существующий tool handler.
|
|
19
21
|
*
|
|
@@ -30,7 +32,7 @@ export function withMiddleware(toolName, handler, getContext, deps = {}) {
|
|
|
30
32
|
const start = Date.now();
|
|
31
33
|
const audit = deps.audit ?? getAuditService();
|
|
32
34
|
const usage = deps.usage ?? getUsageTracker();
|
|
33
|
-
// 1.
|
|
35
|
+
// 1. Per-day request quota.
|
|
34
36
|
let quota = null;
|
|
35
37
|
try {
|
|
36
38
|
quota = deps.quotaCheck
|
|
@@ -42,6 +44,9 @@ export function withMiddleware(toolName, handler, getContext, deps = {}) {
|
|
|
42
44
|
}
|
|
43
45
|
if (quota && !quota.allowed) {
|
|
44
46
|
const latencyMs = Date.now() - start;
|
|
47
|
+
recordToolRequest(toolName, 'error', false, latencyMs / 1000);
|
|
48
|
+
recordToolError(toolName, 'TIER_QUOTA_EXCEEDED');
|
|
49
|
+
recordAuthRejection('tier_quota_exceeded');
|
|
45
50
|
void audit.recordToolCall({
|
|
46
51
|
appId: ctx.appId,
|
|
47
52
|
keyId: ctx.keyId,
|
|
@@ -63,7 +68,45 @@ export function withMiddleware(toolName, handler, getContext, deps = {}) {
|
|
|
63
68
|
});
|
|
64
69
|
return err.toToolResult();
|
|
65
70
|
}
|
|
66
|
-
// 2.
|
|
71
|
+
// 2. AI quota (только для AI-tools).
|
|
72
|
+
if (isAiTool(toolName)) {
|
|
73
|
+
let aiQuota = null;
|
|
74
|
+
try {
|
|
75
|
+
aiQuota = deps.aiQuotaCheck
|
|
76
|
+
? await deps.aiQuotaCheck(ctx)
|
|
77
|
+
: await usage.checkAiQuota(ctx.appId, ctx.tier);
|
|
78
|
+
}
|
|
79
|
+
catch (err) {
|
|
80
|
+
log?.warn?.({ err }, 'AI quota check failed; allowing request');
|
|
81
|
+
}
|
|
82
|
+
if (aiQuota && !aiQuota.allowed) {
|
|
83
|
+
const latencyMs = Date.now() - start;
|
|
84
|
+
recordToolRequest(toolName, 'error', false, latencyMs / 1000);
|
|
85
|
+
recordToolError(toolName, 'AI_QUOTA_EXCEEDED');
|
|
86
|
+
recordAuthRejection('ai_quota_exceeded');
|
|
87
|
+
void audit.recordToolCall({
|
|
88
|
+
appId: ctx.appId,
|
|
89
|
+
keyId: ctx.keyId,
|
|
90
|
+
tool: toolName,
|
|
91
|
+
args: redactValue(args).value,
|
|
92
|
+
resultBytes: 0,
|
|
93
|
+
latencyMs,
|
|
94
|
+
cacheHit: false,
|
|
95
|
+
...(ctx.ip !== undefined ? { ip: ctx.ip } : {}),
|
|
96
|
+
...(ctx.userAgent !== undefined ? { userAgent: ctx.userAgent } : {}),
|
|
97
|
+
...(ctx.sessionId !== undefined ? { sessionId: ctx.sessionId } : {}),
|
|
98
|
+
statusCode: 429,
|
|
99
|
+
error: 'AI_QUOTA_EXCEEDED',
|
|
100
|
+
});
|
|
101
|
+
const err = new ToolError('AI_QUOTA_EXCEEDED', `Daily AI quota exceeded for ${ctx.tier} tier. Try again after ${aiQuota.retryAfter ?? 0}s.`, {
|
|
102
|
+
...(aiQuota.retryAfter !== undefined ? { retryAfter: aiQuota.retryAfter } : {}),
|
|
103
|
+
suggestedAction: 'Wait for the daily reset or upgrade your tier (AI-tools have a separate quota).',
|
|
104
|
+
meta: { tier: ctx.tier, remaining: 0, aiQuota: true },
|
|
105
|
+
});
|
|
106
|
+
return err.toToolResult();
|
|
107
|
+
}
|
|
108
|
+
}
|
|
109
|
+
// 3. Run handler.
|
|
67
110
|
let result;
|
|
68
111
|
let statusCode = 200;
|
|
69
112
|
let errorMessage = null;
|
|
@@ -80,6 +123,8 @@ export function withMiddleware(toolName, handler, getContext, deps = {}) {
|
|
|
80
123
|
statusCode = 500;
|
|
81
124
|
errorMessage = err instanceof Error ? err.message : String(err);
|
|
82
125
|
const latencyMs = Date.now() - start;
|
|
126
|
+
recordToolRequest(toolName, 'error', false, latencyMs / 1000);
|
|
127
|
+
recordToolError(toolName, errorMessage);
|
|
83
128
|
void audit.recordToolCall({
|
|
84
129
|
appId: ctx.appId,
|
|
85
130
|
keyId: ctx.keyId,
|
|
@@ -103,9 +148,17 @@ export function withMiddleware(toolName, handler, getContext, deps = {}) {
|
|
|
103
148
|
const meta = (redacted._meta ?? {});
|
|
104
149
|
redacted._meta = { ...meta, overage: true, tier: ctx.tier };
|
|
105
150
|
}
|
|
106
|
-
// 4. Audit + usage (fire-and-forget)
|
|
151
|
+
// 4. Audit + usage + metrics (fire-and-forget).
|
|
107
152
|
const latencyMs = Date.now() - start;
|
|
108
153
|
const resultBytes = estimateBytes(redacted);
|
|
154
|
+
const cacheHit = !!(redacted.structuredContent?._meta &&
|
|
155
|
+
redacted.structuredContent._meta.cached === true);
|
|
156
|
+
// Metrics (sync).
|
|
157
|
+
const status = errorMessage ? 'error' : 'ok';
|
|
158
|
+
recordToolRequest(toolName, status, cacheHit, latencyMs / 1000);
|
|
159
|
+
if (errorMessage) {
|
|
160
|
+
recordToolError(toolName, errorMessage);
|
|
161
|
+
}
|
|
109
162
|
void audit.recordToolCall({
|
|
110
163
|
appId: ctx.appId,
|
|
111
164
|
keyId: ctx.keyId,
|
|
@@ -113,7 +166,7 @@ export function withMiddleware(toolName, handler, getContext, deps = {}) {
|
|
|
113
166
|
args: redactValue(args).value,
|
|
114
167
|
resultBytes,
|
|
115
168
|
latencyMs,
|
|
116
|
-
cacheHit
|
|
169
|
+
cacheHit,
|
|
117
170
|
...(ctx.ip !== undefined ? { ip: ctx.ip } : {}),
|
|
118
171
|
...(ctx.userAgent !== undefined ? { userAgent: ctx.userAgent } : {}),
|
|
119
172
|
...(ctx.sessionId !== undefined ? { sessionId: ctx.sessionId } : {}),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"withMiddleware.js","sourceRoot":"","sources":["../../src/middleware/withMiddleware.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAE7C,OAAO,EAAE,eAAe,EAAE,WAAW,EAAwB,MAAM,uBAAuB,CAAC;AAC3F,OAAO,EAAE,eAAe,EAAqB,MAAM,qBAAqB,CAAC;AACzE,OAAO,EAAE,eAAe,EAAqB,MAAM,uBAAuB,CAAC;
|
|
1
|
+
{"version":3,"file":"withMiddleware.js","sourceRoot":"","sources":["../../src/middleware/withMiddleware.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAE7C,OAAO,EAAE,eAAe,EAAE,WAAW,EAAwB,MAAM,uBAAuB,CAAC;AAC3F,OAAO,EAAE,eAAe,EAAqB,MAAM,qBAAqB,CAAC;AACzE,OAAO,EAAE,eAAe,EAAqB,MAAM,uBAAuB,CAAC;AAC3E,OAAO,EAAE,QAAQ,EAAiC,MAAM,sBAAsB,CAAC;AAC/E,OAAO,EACL,iBAAiB,EACjB,eAAe,EACf,mBAAmB,GACpB,MAAM,6BAA6B,CAAC;AA8BrC;;;;;;;;GAQG;AACH,MAAM,UAAU,cAAc,CAC5B,QAAgB,EAChB,OAAgC,EAChC,UAAyD,EACzD,OAAuB,EAAE;IAEzB,OAAO,KAAK,EAAE,IAAW,EAAE,MAAe,EAAuB,EAAE;QACjE,MAAM,GAAG,GAAG,UAAU,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QACrC,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC;QACpB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEzB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,eAAe,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,eAAe,EAAE,CAAC;QAE9C,4BAA4B;QAC5B,IAAI,KAAK,GAAyB,IAAI,CAAC;QACvC,IAAI,CAAC;YACH,KAAK,GAAG,IAAI,CAAC,UAAU;gBACrB,CAAC,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;gBAC5B,CAAC,CAAC,MAAM,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;QAClD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,EAAE,sCAAsC,CAAC,CAAC;QAC/D,CAAC;QAED,IAAI,KAAK,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;YAC5B,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;YACrC,iBAAiB,CAAC,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,GAAG,IAAI,CAAC,CAAC;YAC9D,eAAe,CAAC,QAAQ,EAAE,qBAAqB,CAAC,CAAC;YACjD,mBAAmB,CAAC,qBAAqB,CAAC,CAAC;YAC3C,KAAK,KAAK,CAAC,cAAc,CAAC;gBACxB,KAAK,EAAE,GAAG,CAAC,KAAK;gBAChB,KAAK,EAAE,GAAG,CAAC,KAAK;gBAChB,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,WAAW,CAAC,IAAI,CAAC,CAAC,KAAgC;gBACxD,WAAW,EAAE,CAAC;gBACd,SAAS;gBACT,QAAQ,EAAE,KAAK;gBACf,GAAG,CAAC,GAAG,CAAC,EAAE,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC/C,GAAG,CAAC,GAAG,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACpE,GAAG,CAAC,GAAG,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACpE,UAAU,EAAE,GAAG;gBACf,KAAK,EAAE,qBAAqB;aAC7B,CAAC,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,SAAS,CACvB,qBAAqB,EACrB,oCAAoC,GAAG,CAAC,IAAI,0BAA0B,KAAK,CAAC,UAAU,IAAI,CAAC,IAAI,EAC/F;gBACE,GAAG,CAAC,KAAK,CAAC,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC3E,eAAe,EAAE,gDAAgD;gBACjE,IAAI,EAAE,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,SAAS,EAAE,CAAC,EAAE;aACvC,CACF,CAAC;YACF,OAAO,GAAG,CAAC,YAAY,EAAE,CAAC;QAC5B,CAAC;QAED,qCAAqC;QACrC,IAAI,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YACvB,IAAI,OAAO,GAAyB,IAAI,CAAC;YACzC,IAAI,CAAC;gBACH,OAAO,GAAG,IAAI,CAAC,YAAY;oBACzB,CAAC,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC;oBAC9B,CAAC,CAAC,MAAM,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;YACpD,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,EAAE,yCAAyC,CAAC,CAAC;YAClE,CAAC;YACD,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;gBAChC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;gBACrC,iBAAiB,CAAC,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,GAAG,IAAI,CAAC,CAAC;gBAC9D,eAAe,CAAC,QAAQ,EAAE,mBAAmB,CAAC,CAAC;gBAC/C,mBAAmB,CAAC,mBAAmB,CAAC,CAAC;gBACzC,KAAK,KAAK,CAAC,cAAc,CAAC;oBACxB,KAAK,EAAE,GAAG,CAAC,KAAK;oBAChB,KAAK,EAAE,GAAG,CAAC,KAAK;oBAChB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,WAAW,CAAC,IAAI,CAAC,CAAC,KAAgC;oBACxD,WAAW,EAAE,CAAC;oBACd,SAAS;oBACT,QAAQ,EAAE,KAAK;oBACf,GAAG,CAAC,GAAG,CAAC,EAAE,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC/C,GAAG,CAAC,GAAG,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;oBACpE,GAAG,CAAC,GAAG,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;oBACpE,UAAU,EAAE,GAAG;oBACf,KAAK,EAAE,mBAAmB;iBAC3B,CAAC,CAAC;gBACH,MAAM,GAAG,GAAG,IAAI,SAAS,CACvB,mBAAmB,EACnB,+BAA+B,GAAG,CAAC,IAAI,0BAA0B,OAAO,CAAC,UAAU,IAAI,CAAC,IAAI,EAC5F;oBACE,GAAG,CAAC,OAAO,CAAC,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC/E,eAAe,EAAE,iFAAiF;oBAClG,IAAI,EAAE,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,SAAS,EAAE,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE;iBACtD,CACF,CAAC;gBACF,OAAO,GAAG,CAAC,YAAY,EAAE,CAAC;YAC5B,CAAC;QACH,CAAC;QAED,kBAAkB;QAClB,IAAI,MAAkB,CAAC;QACvB,IAAI,UAAU,GAAG,GAAG,CAAC;QACrB,IAAI,YAAY,GAAkB,IAAI,CAAC;QAEvC,IAAI,CAAC;YACH,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YACrC,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;gBACnB,UAAU,GAAG,GAAG,CAAC;gBACjB,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,CAA4B,CAAC;gBAC7D,MAAM,IAAI,GAAG,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC;gBACpE,YAAY,GAAG,IAAI,CAAC;YACtB,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,UAAU,GAAG,GAAG,CAAC;YACjB,YAAY,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAChE,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;YACrC,iBAAiB,CAAC,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,GAAG,IAAI,CAAC,CAAC;YAC9D,eAAe,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;YACxC,KAAK,KAAK,CAAC,cAAc,CAAC;gBACxB,KAAK,EAAE,GAAG,CAAC,KAAK;gBAChB,KAAK,EAAE,GAAG,CAAC,KAAK;gBAChB,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,WAAW,CAAC,IAAI,CAAC,CAAC,KAAgC;gBACxD,WAAW,EAAE,CAAC;gBACd,SAAS;gBACT,QAAQ,EAAE,KAAK;gBACf,GAAG,CAAC,GAAG,CAAC,EAAE,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC/C,GAAG,CAAC,GAAG,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACpE,GAAG,CAAC,GAAG,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACpE,UAAU;gBACV,KAAK,EAAE,YAAY;aACpB,CAAC,CAAC;YACH,MAAM,GAAG,CAAC;QACZ,CAAC;QAED,eAAe;QACf,MAAM,QAAQ,GAAG,sBAAsB,CAAC,MAAM,EAAE,IAAI,CAAC,eAAe,CAAC,CAAC;QAEtE,+BAA+B;QAC/B,IAAI,KAAK,EAAE,OAAO,EAAE,CAAC;YACnB,MAAM,IAAI,GAAG,CAAC,QAAQ,CAAC,KAAK,IAAI,EAAE,CAA4B,CAAC;YAC/D,QAAQ,CAAC,KAAK,GAAG,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9D,CAAC;QAED,gDAAgD;QAChD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;QACrC,MAAM,WAAW,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;QAC5C,MAAM,QAAQ,GAAG,CAAC,CAAC,CACjB,QAAQ,CAAC,iBAAiB,EAAE,KAAK;YAChC,QAAQ,CAAC,iBAAiB,CAAC,KAAiC,CAAC,MAAM,KAAK,IAAI,CAC9E,CAAC;QAEF,kBAAkB;QAClB,MAAM,MAAM,GAAmB,YAAY,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC;QAC7D,iBAAiB,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,GAAG,IAAI,CAAC,CAAC;QAChE,IAAI,YAAY,EAAE,CAAC;YACjB,eAAe,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;QAC1C,CAAC;QAED,KAAK,KAAK,CAAC,cAAc,CAAC;YACxB,KAAK,EAAE,GAAG,CAAC,KAAK;YAChB,KAAK,EAAE,GAAG,CAAC,KAAK;YAChB,IAAI,EAAE,QAAQ;YACd,IAAI,EAAE,WAAW,CAAC,IAAI,CAAC,CAAC,KAAgC;YACxD,WAAW;YACX,SAAS;YACT,QAAQ;YACR,GAAG,CAAC,GAAG,CAAC,EAAE,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/C,GAAG,CAAC,GAAG,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACpE,GAAG,CAAC,GAAG,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACpE,UAAU;YACV,KAAK,EAAE,YAAY;SACpB,CAAC,CAAC;QAEH,KAAK,KAAK,CAAC,UAAU,CAAC;YACpB,KAAK,EAAE,GAAG,CAAC,KAAK;YAChB,IAAI,EAAE,QAAQ;YACd,QAAQ,EAAE,WAAW;SACtB,CAAC,CAAC;QAEH,OAAO,QAAQ,CAAC;IAClB,CAAC,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,sBAAsB,CAAC,MAAkB,EAAE,GAAqB;IACvE,MAAM,EAAE,GAAG,MAAM,CAAC,iBAAiB,CAAC;IACpC,IAAI,CAAC,EAAE;QAAE,OAAO,MAAM,CAAC;IAEvB,MAAM,KAAK,GAA4B,EAAE,GAAG,EAAE,EAAE,CAAC;IACjD,IAAI,mBAAmB,GAAG,KAAK,CAAC;IAEhC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;QAC/B,MAAM,KAAK,GAAG,KAAK,CAAC,KAAuC,CAAC;QAC5D,MAAM,EAAE,KAAK,EAAE,aAAa,EAAE,KAAK,EAAE,GAAG,eAAe,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC3F,KAAK,CAAC,KAAK,GAAG,aAAa,CAAC;QAC5B,IAAI,KAAK,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,wBAAwB,EAAE,CAAC;YACjE,mBAAmB,GAAG,IAAI,CAAC;QAC7B,CAAC;QACD,IAAI,KAAK,CAAC,wBAAwB,EAAE,CAAC;YACnC,MAAM,IAAI,GAAG,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,CAA4B,CAAC;YAC5D,KAAK,CAAC,KAAK,GAAG;gBACZ,GAAG,IAAI;gBACP,wBAAwB,EAAE,IAAI;gBAC9B,cAAc,EAAE,KAAK,CAAC,cAAc;aACrC,CAAC;QACJ,CAAC;IACH,CAAC;IAED,IAAI,KAAK,CAAC,GAAG,IAAI,OAAO,KAAK,CAAC,GAAG,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QAC5E,MAAM,EAAE,KAAK,EAAE,aAAa,EAAE,KAAK,EAAE,GAAG,eAAe,CACrD,CAAC,KAAK,CAAC,GAA8B,CAAC,EACtC,GAAG,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAC3B,CAAC;QACF,KAAK,CAAC,GAAG,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;QAC7B,IAAI,KAAK,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,wBAAwB,EAAE,CAAC;YACjE,mBAAmB,GAAG,IAAI,CAAC;QAC7B,CAAC;QACD,IAAI,KAAK,CAAC,wBAAwB,EAAE,CAAC;YACnC,MAAM,IAAI,GAAG,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,CAA4B,CAAC;YAC5D,KAAK,CAAC,KAAK,GAAG;gBACZ,GAAG,IAAI;gBACP,wBAAwB,EAAE,IAAI;gBAC9B,cAAc,EAAE,KAAK,CAAC,cAAc;aACrC,CAAC;QACJ,CAAC;IACH,CAAC;IAED,IAAI,mBAAmB,EAAE,CAAC;QACxB,MAAM,IAAI,GAAG,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,CAA4B,CAAC;QAC5D,KAAK,CAAC,KAAK,GAAG,EAAE,GAAG,IAAI,EAAE,gBAAgB,EAAE,IAAI,EAAE,CAAC;IACpD,CAAC;IAED,OAAO,EAAE,GAAG,MAAM,EAAE,iBAAiB,EAAE,KAAK,EAAE,CAAC;AACjD,CAAC;AAED,SAAS,aAAa,CAAC,MAAkB;IACvC,IAAI,CAAC;QACH,OAAO,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,CAAC;IAC3D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,CAAC;IACX,CAAC;AACH,CAAC"}
|
|
@@ -13,8 +13,8 @@ import type { ElsClient } from '../elsClient.js';
|
|
|
13
13
|
* 503 если хотя бы одна failed. Используется k8s `readinessProbe`
|
|
14
14
|
* (исключение pod'а из service endpoints).
|
|
15
15
|
*
|
|
16
|
-
*
|
|
17
|
-
* `/els/
|
|
16
|
+
* HTTP transport подключает эти функции к Express routes `/els/healthz` и
|
|
17
|
+
* `/els/readyz` через DI.
|
|
18
18
|
*/
|
|
19
19
|
export interface LivenessResult {
|
|
20
20
|
status: 'ok';
|
|
@@ -11,7 +11,7 @@ import { type Logger } from 'pino';
|
|
|
11
11
|
* спеки `07-observability.md`).
|
|
12
12
|
* - Base fields: service, version, pod (HOSTNAME).
|
|
13
13
|
*
|
|
14
|
-
* Per-request child logger создаётся в HTTP middleware
|
|
14
|
+
* Per-request child logger создаётся в HTTP middleware через
|
|
15
15
|
* `logger.child({ requestId, sessionId, appSlug, tool })`.
|
|
16
16
|
*/
|
|
17
17
|
export interface LoggerConfig {
|
|
@@ -7,11 +7,11 @@ import type { Logger } from 'pino';
|
|
|
7
7
|
*
|
|
8
8
|
* Auto-instrumentation:
|
|
9
9
|
* - HTTP / undici (upstream ELS calls)
|
|
10
|
-
* - Express (
|
|
10
|
+
* - Express (HTTP transport)
|
|
11
11
|
* - ioredis (cache GET / SETEX)
|
|
12
12
|
*
|
|
13
13
|
* Custom spans:
|
|
14
|
-
* - `mcp.tool.{name}` — оборачивает каждый tool handler
|
|
14
|
+
* - `mcp.tool.{name}` — оборачивает каждый tool handler.
|
|
15
15
|
*
|
|
16
16
|
* Lazy import: `@opentelemetry/sdk-node` — тяжёлая зависимость (~30MB), грузим
|
|
17
17
|
* только если endpoint задан. Это снижает cold-start время stdio-режима.
|
package/dist/prompts/index.d.ts
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
import type { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
|
|
2
2
|
import type { Logger } from 'pino';
|
|
3
3
|
/**
|
|
4
|
-
*
|
|
5
|
-
*
|
|
4
|
+
* MCP-prompts: предопределённые шаблоны разговоров для типовых сценариев
|
|
5
|
+
* SRE / release engineer.
|
|
6
6
|
*
|
|
7
7
|
* Каждый prompt:
|
|
8
8
|
* - имеет argsSchema (Zod raw shape — SDK генерит JSON Schema автоматически);
|
package/dist/prompts/index.js
CHANGED
|
@@ -120,7 +120,7 @@ export function registerPrompts(server, opts = {}) {
|
|
|
120
120
|
`1. \`get_log_details\` с traceId=${traceId}.`,
|
|
121
121
|
`2. \`find_similar_errors\` с этим же traceId.`,
|
|
122
122
|
`3. \`find_correlated_errors\` (windowMinutes=15).`,
|
|
123
|
-
`4. \`explain_error\` traceId=${traceId} — соберёт контекст; AI-summary
|
|
123
|
+
`4. \`explain_error\` traceId=${traceId} — соберёт контекст; AI-summary пока не доступен, синтезируй сам.`,
|
|
124
124
|
].join('\n')
|
|
125
125
|
: [
|
|
126
126
|
`Старт: fingerprint=${fingerprint}.`,
|
|
@@ -3,11 +3,8 @@
|
|
|
3
3
|
* 1. Оборачиваем untrusted-контент в `<untrusted>...</untrusted>` теги.
|
|
4
4
|
* 2. Сканируем на regex-deny-list. При совпадении — флаг `suspicious=true`,
|
|
5
5
|
* вызывающий код может заменить контент на `<blocked: suspicious content>`.
|
|
6
|
-
*
|
|
7
|
-
*
|
|
8
|
-
*
|
|
9
|
-
* Phase 6: при detect инкрементим Prometheus counter
|
|
10
|
-
* `mcp_prompt_injection_blocked_total{rule}`.
|
|
6
|
+
* 3. При detect инкрементим Prometheus counter
|
|
7
|
+
* `mcp_prompt_injection_blocked_total{rule}`.
|
|
11
8
|
*/
|
|
12
9
|
/** Regex-список «подозрительных» паттернов в untrusted-контенте. */
|
|
13
10
|
export declare const SUSPICIOUS_PATTERNS: Array<{
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"promptInjection.d.ts","sourceRoot":"","sources":["../../src/redaction/promptInjection.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"promptInjection.d.ts","sourceRoot":"","sources":["../../src/redaction/promptInjection.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,oEAAoE;AACpE,eAAO,MAAM,mBAAmB,EAAE,KAAK,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,EAAE,EAAE,MAAM,CAAA;CAAE,CAUnE,CAAC;AAOF;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,MAAM,GAAG,IAAI,CAM5E;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,eAAe,GAAG,IAAI,CAcxF;AAED,sDAAsD;AACtD,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAAG,OAAO,CAE3E"}
|
|
@@ -3,11 +3,8 @@
|
|
|
3
3
|
* 1. Оборачиваем untrusted-контент в `<untrusted>...</untrusted>` теги.
|
|
4
4
|
* 2. Сканируем на regex-deny-list. При совпадении — флаг `suspicious=true`,
|
|
5
5
|
* вызывающий код может заменить контент на `<blocked: suspicious content>`.
|
|
6
|
-
*
|
|
7
|
-
*
|
|
8
|
-
*
|
|
9
|
-
* Phase 6: при detect инкрементим Prometheus counter
|
|
10
|
-
* `mcp_prompt_injection_blocked_total{rule}`.
|
|
6
|
+
* 3. При detect инкрементим Prometheus counter
|
|
7
|
+
* `mcp_prompt_injection_blocked_total{rule}`.
|
|
11
8
|
*/
|
|
12
9
|
import { recordPromptInjectionBlocked } from '../observability/metrics.js';
|
|
13
10
|
/** Regex-список «подозрительных» паттернов в untrusted-контенте. */
|
|
@@ -49,7 +46,7 @@ export function detectSuspicious(text) {
|
|
|
49
46
|
return null;
|
|
50
47
|
for (const { name, re } of SUSPICIOUS_PATTERNS) {
|
|
51
48
|
if (re.test(text)) {
|
|
52
|
-
//
|
|
49
|
+
// Метрика на каждое срабатывание.
|
|
53
50
|
try {
|
|
54
51
|
recordPromptInjectionBlocked(name);
|
|
55
52
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"promptInjection.js","sourceRoot":"","sources":["../../src/redaction/promptInjection.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"promptInjection.js","sourceRoot":"","sources":["../../src/redaction/promptInjection.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,4BAA4B,EAAE,MAAM,6BAA6B,CAAC;AAE3E,oEAAoE;AACpE,MAAM,CAAC,MAAM,mBAAmB,GAAwC;IACtE,EAAE,IAAI,EAAE,iBAAiB,EAAE,EAAE,EAAE,kEAAkE,EAAE;IACnG,EAAE,IAAI,EAAE,iBAAiB,EAAE,EAAE,EAAE,wCAAwC,EAAE;IACzE,EAAE,IAAI,EAAE,aAAa,EAAE,EAAE,EAAE,mBAAmB,EAAE;IAChD,EAAE,IAAI,EAAE,gBAAgB,EAAE,EAAE,EAAE,sBAAsB,EAAE;IACtD,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE,EAAE,uBAAuB,EAAE;IAClD,EAAE,IAAI,EAAE,aAAa,EAAE,EAAE,EAAE,cAAc,EAAE;IAC3C,EAAE,IAAI,EAAE,aAAa,EAAE,EAAE,EAAE,iCAAiC,EAAE;IAC9D,EAAE,IAAI,EAAE,gBAAgB,EAAE,EAAE,EAAE,yCAAyC,EAAE;IACzE,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE,EAAE,YAAY,EAAE;CACxC,CAAC;AAEF,MAAM,QAAQ,GAAG,aAAa,CAAC;AAC/B,MAAM,SAAS,GAAG,cAAc,CAAC;AACjC,MAAM,YAAY,GAAG,mBAAmB,CAAC;AACzC,MAAM,aAAa,GAAG,oBAAoB,CAAC;AAE3C;;;;GAIG;AACH,MAAM,UAAU,aAAa,CAAC,IAA+B;IAC3D,IAAI,IAAI,KAAK,IAAI,IAAI,IAAI,KAAK,SAAS;QAAE,OAAO,IAAI,CAAC;IACrD,IAAI,OAAO,IAAI,KAAK,QAAQ;QAAE,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC;IAClD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACnC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC,OAAO,CAAC,iBAAiB,EAAE,aAAa,CAAC,CAAC;IACtG,OAAO,GAAG,QAAQ,GAAG,OAAO,GAAG,SAAS,EAAE,CAAC;AAC7C,CAAC;AAMD;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,IAA+B;IAC9D,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IACnD,KAAK,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,mBAAmB,EAAE,CAAC;QAC/C,IAAI,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAClB,kCAAkC;YAClC,IAAI,CAAC;gBACH,4BAA4B,CAAC,IAAI,CAAC,CAAC;YACrC,CAAC;YAAC,MAAM,CAAC;gBACP,gDAAgD;YAClD,CAAC;YACD,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;QACxB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,sDAAsD;AACtD,MAAM,UAAU,kBAAkB,CAAC,IAA+B;IAChE,OAAO,gBAAgB,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC;AACzC,CAAC"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Сокращение userAgent до family (browser / runtime name).
|
|
3
3
|
*
|
|
4
|
-
*
|
|
4
|
+
* Упрощённый matcher без зависимости на ua-parser-js (минимизируем
|
|
5
5
|
* supply-chain). Покрывает 99 % browser/runtime семейств, встречающихся в логах.
|
|
6
6
|
* При необходимости можно поменять на ua-parser-js в будущем — контракт остаётся.
|
|
7
7
|
*/
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Сокращение userAgent до family (browser / runtime name).
|
|
3
3
|
*
|
|
4
|
-
*
|
|
4
|
+
* Упрощённый matcher без зависимости на ua-parser-js (минимизируем
|
|
5
5
|
* supply-chain). Покрывает 99 % browser/runtime семейств, встречающихся в логах.
|
|
6
6
|
* При необходимости можно поменять на ua-parser-js в будущем — контракт остаётся.
|
|
7
7
|
*/
|
|
@@ -2,11 +2,11 @@ import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
|
|
|
2
2
|
import type { Logger } from 'pino';
|
|
3
3
|
import type { ElsClient } from '../elsClient.js';
|
|
4
4
|
/**
|
|
5
|
-
*
|
|
5
|
+
* MCP-resources поверх ELS.
|
|
6
6
|
*
|
|
7
7
|
* Подход: каждый resource — это thin wrapper над соответствующим tool/handler,
|
|
8
|
-
* чтобы вся business-логика жила в одном месте.
|
|
9
|
-
*
|
|
8
|
+
* чтобы вся business-логика жила в одном месте. Subscriptions пока не
|
|
9
|
+
* реализованы — на каждый read делается свежий upstream-вызов.
|
|
10
10
|
*
|
|
11
11
|
* Зарегистрированные URI:
|
|
12
12
|
* els://apps — список доступных apps
|
package/dist/resources/index.js
CHANGED
|
@@ -69,7 +69,7 @@ export function registerResources(server, opts) {
|
|
|
69
69
|
// ─── els://apps/{slug}/recent-critical ───────────────────────────────────
|
|
70
70
|
server.registerResource('els-app-recent-critical', new ResourceTemplate('els://apps/{slug}/recent-critical', { list: undefined }), {
|
|
71
71
|
title: 'Recent CRITICAL errors (last hour, top 50)',
|
|
72
|
-
description: 'Up to 50 CRITICAL errors from the last hour, newest first.
|
|
72
|
+
description: 'Up to 50 CRITICAL errors from the last hour, newest first. No subscriptions yet (each read = fresh upstream call).',
|
|
73
73
|
mimeType: 'application/json',
|
|
74
74
|
}, async (uri, variables) => {
|
|
75
75
|
const slug = String(variables.slug ?? '');
|
|
@@ -129,7 +129,7 @@ export function registerResources(server, opts) {
|
|
|
129
129
|
// ─── els://apps/{slug}/saved-queries (V2 placeholder) ────────────────────
|
|
130
130
|
server.registerResource('els-app-saved-queries', new ResourceTemplate('els://apps/{slug}/saved-queries', { list: undefined }), {
|
|
131
131
|
title: 'Saved JQL queries (not implemented yet)',
|
|
132
|
-
description: 'Placeholder for V2: saved JQL queries per app. Returns empty list with notImplemented marker until
|
|
132
|
+
description: 'Placeholder for V2: saved JQL queries per app. Returns empty list with notImplemented marker until a future release.',
|
|
133
133
|
mimeType: 'application/json',
|
|
134
134
|
}, async (uri, variables) => {
|
|
135
135
|
const slug = String(variables.slug ?? '');
|
|
@@ -138,8 +138,8 @@ export function registerResources(server, opts) {
|
|
|
138
138
|
items: [],
|
|
139
139
|
_meta: {
|
|
140
140
|
notImplemented: true,
|
|
141
|
-
plannedFor: '
|
|
142
|
-
rationale: 'Saved queries are a UI feature in LK; MCP
|
|
141
|
+
plannedFor: 'next-release (post-GA)',
|
|
142
|
+
rationale: 'Saved queries are a UI feature in LK; MCP will deliver when the JQL editor is stable.',
|
|
143
143
|
},
|
|
144
144
|
});
|
|
145
145
|
});
|