@ivotoby/openapi-mcp-server 1.12.5 → 1.14.0

package/dist/cli.js

@@ -11659,6 +11659,8 @@ import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"
 
 // src/server.ts
 import { Server } from "@modelcontextprotocol/sdk/server/index.js";
+import { readFileSync } from "node:fs";
+import { Agent as HttpsAgent } from "node:https";
 import {
   ListToolsRequestSchema,
   CallToolRequestSchema,
@@ -14406,14 +14408,39 @@ function generateToolId(method, path2) {
   return `${method.toUpperCase()}::${sanitizedPath}`;
 }
 
+// src/utils/logger.ts
+var Logger = class {
+  constructor(verbose = true) {
+    this.verbose = verbose;
+  }
+  setVerbose(verbose) {
+    this.verbose = verbose ?? true;
+  }
+  warn(message, ...optionalParams) {
+    if (this.verbose) {
+      console.warn(message, ...optionalParams);
+    }
+  }
+  error(message, ...optionalParams) {
+    if (this.verbose) {
+      console.error(message, ...optionalParams);
+    }
+  }
+  fatal(message, ...optionalParams) {
+    console.error(message, ...optionalParams);
+  }
+};
+
 // src/openapi-loader.ts
 var OpenAPISpecLoader = class {
   /**
    * Disable name optimization
    */
   disableAbbreviation;
+  logger;
   constructor(config) {
     this.disableAbbreviation = config?.disableAbbreviation ?? false;
+    this.logger = new Logger(config?.verbose ?? true);
   }
   /**
    * Load an OpenAPI specification from various sources
@@ -14633,7 +14660,7 @@ var OpenAPISpecLoader = class {
    */
   determineParameterType(paramSchema, paramName) {
     if (Object.keys(paramSchema).length === 0 && typeof paramSchema !== "boolean") {
-      console.warn(
+      this.logger.warn(
         `Parameter '${paramName}' schema was empty after inlining (potential cycle or unresolvable ref), defaulting to string.`
       );
       return "string";
@@ -14689,19 +14716,19 @@ var OpenAPISpecLoader = class {
               if (resolvedParam && "name" in resolvedParam && "in" in resolvedParam) {
                 paramObj = resolvedParam;
               } else {
-                console.warn(
+                this.logger.warn(
                   `Could not resolve path-level parameter reference or invalid structure: ${param.$ref}`
                 );
                 continue;
               }
             } else {
-              console.warn(`Could not parse path-level parameter reference: ${param.$ref}`);
+              this.logger.warn(`Could not parse path-level parameter reference: ${param.$ref}`);
               continue;
             }
           } else if ("name" in param && "in" in param) {
             paramObj = param;
           } else {
-            console.warn(
+            this.logger.warn(
               "Skipping path-level parameter due to missing 'name' or 'in' properties and not being a valid $ref:",
               param
             );
@@ -14717,7 +14744,7 @@ var OpenAPISpecLoader = class {
         if (!["get", "post", "put", "patch", "delete", "options", "head"].includes(
           method.toLowerCase()
         )) {
-          console.warn(`Skipping non-HTTP method "${method}" for path ${path2}`);
+          this.logger.warn(`Skipping non-HTTP method "${method}" for path ${path2}`);
           continue;
         }
         const op = operation;
@@ -14755,19 +14782,19 @@ var OpenAPISpecLoader = class {
                 if (resolvedParam && "name" in resolvedParam && "in" in resolvedParam) {
                   paramObj = resolvedParam;
                 } else {
-                  console.warn(
+                  this.logger.warn(
                     `Could not resolve parameter reference or invalid structure: ${param.$ref}`
                   );
                   continue;
                 }
               } else {
-                console.warn(`Could not parse parameter reference: ${param.$ref}`);
+                this.logger.warn(`Could not parse parameter reference: ${param.$ref}`);
                 continue;
               }
             } else if ("name" in param && "in" in param) {
               paramObj = param;
             } else {
-              console.warn(
+              this.logger.warn(
                 "Skipping parameter due to missing 'name' or 'in' properties and not being a valid $ref:",
                 param
               );
@@ -14818,19 +14845,19 @@ var OpenAPISpecLoader = class {
               if (resolvedRequestBody && "content" in resolvedRequestBody) {
                 requestBodyObj = resolvedRequestBody;
               } else {
-                console.warn(
+                this.logger.warn(
                   `Could not resolve requestBody reference or invalid structure: ${op.requestBody.$ref}`
                 );
                 continue;
               }
             } else {
-              console.warn(`Could not parse requestBody reference: ${op.requestBody.$ref}`);
+              this.logger.warn(`Could not parse requestBody reference: ${op.requestBody.$ref}`);
               continue;
             }
           } else if ("content" in op.requestBody) {
             requestBodyObj = op.requestBody;
           } else {
-            console.warn("Skipping requestBody due to invalid structure:", op.requestBody);
+            this.logger.warn("Skipping requestBody due to invalid structure:", op.requestBody);
             continue;
           }
           let mediaTypeObj;
@@ -15033,12 +15060,15 @@ var ToolsManager = class {
     this.config = config;
     this.config.toolsMode = this.config.toolsMode || "all";
     this.specLoader = new OpenAPISpecLoader({
-      disableAbbreviation: this.config.disableAbbreviation
+      disableAbbreviation: this.config.disableAbbreviation,
+      verbose: this.config.verbose
     });
+    this.logger = new Logger(this.config.verbose);
   }
   tools = /* @__PURE__ */ new Map();
   specLoader;
   loadedSpec;
+  logger;
   /**
    * Get the OpenAPI spec loader instance
    */
@@ -15124,7 +15154,7 @@ var ToolsManager = class {
       }
       this.tools = filtered2;
       for (const [toolId, tool] of this.tools.entries()) {
-        console.error(`Registered tool: ${toolId} (${tool.name})`);
+        this.logger.error(`Registered tool: ${toolId} (${tool.name})`);
       }
       return;
     }
@@ -15170,7 +15200,7 @@ var ToolsManager = class {
     }
     this.tools = filtered;
     for (const [toolId, tool] of this.tools.entries()) {
-      console.error(`Registered tool: ${toolId} (${tool.name})`);
+      this.logger.error(`Registered tool: ${toolId} (${tool.name})`);
     }
   }
   /**
@@ -19061,8 +19091,9 @@ var ApiClient = class {
    * @param baseUrl - Base URL for the API
    * @param authProviderOrHeaders - AuthProvider instance or static headers for backward compatibility
    * @param specLoader - Optional OpenAPI spec loader for dynamic meta-tools
+   * @param options - Optional HTTP client configuration
    */
-  constructor(baseUrl, authProviderOrHeaders, specLoader) {
+  constructor(baseUrl, authProviderOrHeaders, specLoader, options) {
     this.axiosInstance = axios_default.create({
       baseURL: baseUrl.endsWith("/") ? baseUrl : `${baseUrl}/`,
       timeout: 3e4,
@@ -19071,8 +19102,9 @@ var ApiClient = class {
       // 50MB response body limit
       maxBodyLength: 50 * 1024 * 1024,
       // 50MB request body limit
-      maxRedirects: 5
+      maxRedirects: 5,
       // Limit redirect chains to prevent abuse
+      httpsAgent: options?.httpsAgent
     });
     if (!authProviderOrHeaders) {
       this.authProvider = new StaticAuthProvider();
@@ -19767,8 +19799,10 @@ var OpenAPIServer = class {
   promptsManager;
   resourcesManager;
   config;
+  logger;
   constructor(config) {
     this.config = config;
+    this.logger = new Logger(config.verbose);
     if (config.prompts?.length) {
       this.promptsManager = new PromptsManager({ prompts: config.prompts });
     }
@@ -19787,19 +19821,60 @@ var OpenAPIServer = class {
     if (this.resourcesManager) {
       capabilities.resources = {};
     }
-    this.server = new Server(
-      { name: config.name, version: config.version },
-      { capabilities }
-    );
+    this.server = new Server({ name: config.name, version: config.version }, { capabilities });
     this.toolsManager = new ToolsManager(config);
     const authProviderOrHeaders = config.authProvider || new StaticAuthProvider(config.headers);
-    this.apiClient = new ApiClient(
+    const apiClientOptions = this.createApiClientOptions();
+    this.apiClient = apiClientOptions ? new ApiClient(
       config.apiBaseUrl,
       authProviderOrHeaders,
-      this.toolsManager.getSpecLoader()
-    );
+      this.toolsManager.getSpecLoader(),
+      apiClientOptions
+    ) : new ApiClient(config.apiBaseUrl, authProviderOrHeaders, this.toolsManager.getSpecLoader());
     this.initializeHandlers();
   }
+  createApiClientOptions() {
+    const hasClientCert = !!this.config.clientCertPath;
+    const hasClientKey = !!this.config.clientKeyPath;
+    if (hasClientCert !== hasClientKey) {
+      throw new Error("clientCertPath and clientKeyPath must be provided together");
+    }
+    if (this.config.clientKeyPassphrase && !hasClientKey) {
+      throw new Error("clientKeyPassphrase requires clientKeyPath and clientCertPath");
+    }
+    const rejectUnauthorized = this.config.rejectUnauthorized ?? true;
+    const shouldConfigureHttpsAgent = hasClientCert || hasClientKey || !!this.config.caCertPath || rejectUnauthorized === false;
+    if (!shouldConfigureHttpsAgent) {
+      return void 0;
+    }
+    let apiUrl;
+    try {
+      apiUrl = new URL(this.config.apiBaseUrl.trim());
+    } catch {
+      throw new Error("TLS options require apiBaseUrl to be a valid https:// URL");
+    }
+    if (apiUrl.protocol !== "https:") {
+      throw new Error("TLS options require apiBaseUrl to use https://");
+    }
+    const httpsAgentOptions = {
+      rejectUnauthorized
+    };
+    if (this.config.clientCertPath) {
+      httpsAgentOptions.cert = readFileSync(this.config.clientCertPath, "utf8");
+    }
+    if (this.config.clientKeyPath) {
+      httpsAgentOptions.key = readFileSync(this.config.clientKeyPath, "utf8");
+    }
+    if (this.config.caCertPath) {
+      httpsAgentOptions.ca = readFileSync(this.config.caCertPath, "utf8");
+    }
+    if (this.config.clientKeyPassphrase) {
+      httpsAgentOptions.passphrase = this.config.clientKeyPassphrase;
+    }
+    return {
+      httpsAgent: new HttpsAgent(httpsAgentOptions)
+    };
+  }
   /**
    * Initialize request handlers
    */
@@ -19811,21 +19886,21 @@ var OpenAPIServer = class {
     });
     this.server.setRequestHandler(CallToolRequestSchema, async (request) => {
       const { id, name, arguments: params } = request.params;
-      console.error("Received request:", request.params);
-      console.error("Using parameters from arguments:", params);
+      this.logger.error("Received request:", request.params);
+      this.logger.error("Using parameters from arguments:", params);
       const idOrName = typeof id === "string" ? id : typeof name === "string" ? name : "";
       if (!idOrName) {
         throw new Error("Tool ID or name is required");
       }
       const toolInfo = this.toolsManager.findTool(idOrName);
       if (!toolInfo) {
-        console.error(
+        this.logger.error(
           `Available tools: ${Array.from(this.toolsManager.getAllTools()).map((t) => t.name).join(", ")}`
         );
         throw new Error(`Tool not found: ${idOrName}`);
       }
       const { toolId, tool } = toolInfo;
-      console.error(`Executing tool: ${toolId} (${tool.name})`);
+      this.logger.error(`Executing tool: ${toolId} (${tool.name})`);
       try {
         const result = await this.apiClient.executeApiCall(toolId, params || {});
         return {
@@ -19856,10 +19931,7 @@ var OpenAPIServer = class {
         prompts: this.promptsManager.getAllPrompts()
       }));
       this.server.setRequestHandler(GetPromptRequestSchema, async (request) => {
-        return this.promptsManager.getPrompt(
-          request.params.name,
-          request.params.arguments
-        );
+        return this.promptsManager.getPrompt(request.params.name, request.params.arguments);
       });
     }
     if (this.resourcesManager) {
@@ -20211,7 +20283,7 @@ function sync_default(start, callback) {
 
 // node_modules/yargs/lib/platform-shims/esm.mjs
 import { inspect } from "util";
-import { readFileSync as readFileSync3 } from "fs";
+import { readFileSync as readFileSync4 } from "fs";
 import { fileURLToPath } from "url";
 
 // node_modules/yargs-parser/build/lib/index.js
@@ -21154,7 +21226,7 @@ function stripQuotes(val) {
 }
 
 // node_modules/yargs-parser/build/lib/index.js
-import { readFileSync } from "fs";
+import { readFileSync as readFileSync2 } from "fs";
 var _a;
 var _b;
 var _c;
@@ -21181,7 +21253,7 @@ var parser = new YargsParser({
     if (typeof __require !== "undefined") {
       return __require(path2);
     } else if (path2.match(/\.json$/)) {
-      return JSON.parse(readFileSync(path2, "utf8"));
+      return JSON.parse(readFileSync2(path2, "utf8"));
     } else {
       throw Error("only .json config files are supported in ESM");
     }
@@ -21233,12 +21305,12 @@ var YError = class _YError extends Error {
 };
 
 // node_modules/y18n/build/lib/platform-shims/node.js
-import { readFileSync as readFileSync2, statSync as statSync2, writeFile } from "fs";
+import { readFileSync as readFileSync3, statSync as statSync2, writeFile } from "fs";
 import { format as format2 } from "util";
 import { resolve as resolve3 } from "path";
 var node_default2 = {
   fs: {
-    readFileSync: readFileSync2,
+    readFileSync: readFileSync3,
     writeFile
   },
   format: format2,
@@ -21462,7 +21534,7 @@ var esm_default = {
     nextTick: process.nextTick,
     stdColumns: typeof process.stdout.columns !== "undefined" ? process.stdout.columns : null
   },
-  readFileSync: readFileSync3,
+  readFileSync: readFileSync4,
   require: () => {
     throw new YError(REQUIRE_ERROR);
   },
@@ -24765,6 +24837,25 @@ function parseHeaders(headerStr) {
   }
   return headers;
 }
+function parseOptionalBoolean(value, optionName) {
+  if (value === void 0 || value === null || value === "") {
+    return void 0;
+  }
+  if (typeof value === "boolean") {
+    return value;
+  }
+  if (typeof value !== "string") {
+    throw new Error(`${optionName} must be a boolean value`);
+  }
+  const normalized = value.trim().toLowerCase();
+  if (["true", "1", "yes", "on"].includes(normalized)) {
+    return true;
+  }
+  if (["false", "0", "no", "off"].includes(normalized)) {
+    return false;
+  }
+  throw new Error(`${optionName} must be one of: true, false, 1, 0, yes, no, on, off`);
+}
 function loadConfig() {
   const argv = yargs_default(hideBin(process.argv)).option("transport", {
     alias: "t",
@@ -24799,6 +24890,21 @@ function loadConfig() {
     alias: "H",
     type: "string",
     description: "API headers in format 'key1:value1,key2:value2'"
+  }).option("client-cert", {
+    type: "string",
+    description: "Path to client certificate PEM file for mutual TLS"
+  }).option("client-key", {
+    type: "string",
+    description: "Path to client private key PEM file for mutual TLS"
+  }).option("ca-cert", {
+    type: "string",
+    description: "Path to custom CA certificate PEM file"
+  }).option("client-key-passphrase", {
+    type: "string",
+    description: "Passphrase for encrypted client private key"
+  }).option("reject-unauthorized", {
+    type: "string",
+    description: "Whether to reject untrusted server certificates"
   }).option("name", {
     alias: "n",
     type: "string",
@@ -24842,6 +24948,9 @@ function loadConfig() {
   }).option("resources-inline", {
     type: "string",
     description: "Provide resources directly as JSON string"
+  }).option("verbose", {
+    type: "string",
+    description: "Enable verbose logging"
   }).help().parseSync();
   let transportType;
   if (argv.transport === "http" || process.env.TRANSPORT_TYPE === "http") {
@@ -24893,15 +25002,18 @@ function loadConfig() {
     if (normalized === "all" || normalized === "dynamic" || normalized === "explicit") {
       toolsMode = normalized;
     } else {
-      throw new Error(
-        "Invalid tools mode. Expected one of: all, dynamic, explicit"
-      );
+      throw new Error("Invalid tools mode. Expected one of: all, dynamic, explicit");
     }
   }
   if (!apiBaseUrl) {
     throw new Error("API base URL is required (--api-base-url or API_BASE_URL)");
   }
   const headers = parseHeaders(argv.headers || process.env.API_HEADERS);
+  const rejectUnauthorizedInput = parseOptionalBoolean(
+    argv["reject-unauthorized"] ?? process.env.REJECT_UNAUTHORIZED,
+    "--reject-unauthorized/REJECT_UNAUTHORIZED"
+  );
+  const verbose = parseOptionalBoolean(argv.verbose ?? process.env.VERBOSE, "--verbose/VERBOSE") ?? true;
   return {
     name: argv.name || process.env.SERVER_NAME || "mcp-openapi-server",
     version: argv["server-version"] || process.env.SERVER_VERSION || "1.0.0",
@@ -24910,6 +25022,11 @@ function loadConfig() {
     specInputMethod,
     inlineSpecContent,
     headers,
+    clientCertPath: argv["client-cert"] || process.env.CLIENT_CERT_PATH,
+    clientKeyPath: argv["client-key"] || process.env.CLIENT_KEY_PATH,
+    caCertPath: argv["ca-cert"] || process.env.CA_CERT_PATH,
+    clientKeyPassphrase: argv["client-key-passphrase"] || process.env.CLIENT_KEY_PASSPHRASE,
+    rejectUnauthorized: rejectUnauthorizedInput ?? true,
     transportType,
     httpPort,
     httpHost,
@@ -24923,7 +25040,8 @@ function loadConfig() {
     promptsPath: argv.prompts || process.env.PROMPTS_PATH,
     promptsInline: argv["prompts-inline"] || process.env.PROMPTS_INLINE,
     resourcesPath: argv.resources || process.env.RESOURCES_PATH,
-    resourcesInline: argv["resources-inline"] || process.env.RESOURCES_INLINE
+    resourcesInline: argv["resources-inline"] || process.env.RESOURCES_INLINE,
+    verbose
   };
 }
 
@@ -24936,7 +25054,6 @@ import {
 import * as http3 from "http";
 import { randomUUID } from "crypto";
 var StreamableHttpServerTransport = class {
-  // Track if using an external server
   /**
    * Initialize a new StreamableHttpServerTransport
    *
@@ -24951,11 +25068,12 @@ var StreamableHttpServerTransport = class {
    *               further handlers from running for those requests. The MCP handler should be added after
    *               custom handlers and will return early for non-MCP paths.
    */
-  constructor(port, host = "127.0.0.1", endpointPath = "/mcp", server) {
+  constructor(port, host = "127.0.0.1", endpointPath = "/mcp", server, verbose = true) {
     this.port = port;
     this.host = host;
     this.endpointPath = endpointPath;
     this.isExternalServer = !!server;
+    this.logger = new Logger(verbose);
     if (server) {
       this.server = server;
       this.server.on("request", this.handleRequest.bind(this));
@@ -24973,6 +25091,8 @@ var StreamableHttpServerTransport = class {
   // Maps request IDs to session IDs
   healthCheckPath = "/health";
   isExternalServer;
+  // Track if using an external server
+  logger;
   /**
    * Callback when message is received
    */
@@ -24995,7 +25115,7 @@ var StreamableHttpServerTransport = class {
     return new Promise((resolve6, reject) => {
       this.server.listen(this.port, this.host, () => {
         this.started = true;
-        console.error(
+        this.logger.error(
           `Streamable HTTP transport listening on http://${this.host}:${this.port}${this.endpointPath}`
         );
         resolve6();
@@ -25048,34 +25168,34 @@ var StreamableHttpServerTransport = class {
    * @param message JSON-RPC message
    */
   async send(message) {
-    console.error(`StreamableHttpServerTransport: Sending message: ${JSON.stringify(message)}`);
+    this.logger.error(`StreamableHttpServerTransport: Sending message: ${JSON.stringify(message)}`);
     let targetSessionId;
     let messageIdForThisResponse = null;
     if (isJSONRPCResponse(message) && message.id !== null) {
       messageIdForThisResponse = message.id;
       targetSessionId = this.requestSessionMap.get(messageIdForThisResponse);
-      console.error(
+      this.logger.error(
         `StreamableHttpServerTransport: Potential target session for response ID ${messageIdForThisResponse}: ${targetSessionId}`
       );
       if (targetSessionId && this.initResponseHandlers.has(targetSessionId)) {
-        console.error(
+        this.logger.error(
           `StreamableHttpServerTransport: Session ${targetSessionId} has initResponseHandlers. Invoking them for message ID ${messageIdForThisResponse}.`
         );
         const handlers = this.initResponseHandlers.get(targetSessionId);
         [...handlers].forEach((handler) => handler(message));
         if (!this.requestSessionMap.has(messageIdForThisResponse)) {
-          console.error(
+          this.logger.error(
             `StreamableHttpServerTransport: Response for ID ${messageIdForThisResponse} was handled by an initResponseHandler (e.g., synchronous POST response for initialize or tools/list).`
           );
           return;
         } else {
-          console.error(
+          this.logger.error(
             `StreamableHttpServerTransport: Response for ID ${messageIdForThisResponse} was NOT exclusively handled by an initResponseHandler or handler did not remove from requestSessionMap. Proceeding to GET stream / broadcast if applicable.`
           );
         }
       }
       if (this.requestSessionMap.has(messageIdForThisResponse)) {
-        console.error(
+        this.logger.error(
           `StreamableHttpServerTransport: Deleting request ID ${messageIdForThisResponse} from requestSessionMap as it's being processed for GET stream or broadcast.`
         );
         this.requestSessionMap.delete(messageIdForThisResponse);
@@ -25083,7 +25203,7 @@ var StreamableHttpServerTransport = class {
     }
     if (!targetSessionId) {
       const idForLog = messageIdForThisResponse !== null ? messageIdForThisResponse : isJSONRPCRequest(message) ? message.id : "N/A";
-      console.warn(
+      this.logger.warn(
         `StreamableHttpServerTransport: No specific target session for message (ID: ${idForLog}). Broadcasting to all applicable sessions.`
       );
       for (const [sid, session2] of this.sessions.entries()) {
@@ -25095,12 +25215,12 @@ var StreamableHttpServerTransport = class {
     }
     const session = this.sessions.get(targetSessionId);
     if (session && session.activeResponses.size > 0) {
-      console.error(
+      this.logger.error(
         `StreamableHttpServerTransport: Sending message (ID: ${messageIdForThisResponse}) to GET stream for session ${targetSessionId} (${session.activeResponses.size} active connections).`
       );
       this.sendMessageToSession(targetSessionId, session, message);
     } else if (targetSessionId) {
-      console.error(
+      this.logger.error(
         `StreamableHttpServerTransport: No active GET connections for session ${targetSessionId} to send message (ID: ${messageIdForThisResponse}). Message might not be delivered if not handled by POST.`
       );
     }
@@ -25579,20 +25699,22 @@ async function loadResources(pathOrUrl, inline) {
 
 // src/index.ts
 async function main() {
+  const logger = new Logger(true);
   try {
     const config = loadConfig();
+    logger.setVerbose(config.verbose);
     if (config.promptsPath || config.promptsInline) {
       const prompts = await loadPrompts(config.promptsPath, config.promptsInline);
       if (prompts) {
         config.prompts = prompts;
-        console.error(`Loaded ${prompts.length} prompt(s)`);
+        logger.error(`Loaded ${prompts.length} prompt(s)`);
       }
     }
     if (config.resourcesPath || config.resourcesInline) {
       const resources = await loadResources(config.resourcesPath, config.resourcesInline);
       if (resources) {
         config.resources = resources;
-        console.error(`Loaded ${resources.length} resource(s)`);
+        logger.error(`Loaded ${resources.length} resource(s)`);
       }
     }
     const server = new OpenAPIServer(config);
@@ -25601,19 +25723,21 @@ async function main() {
       transport = new StreamableHttpServerTransport(
         config.httpPort,
         config.httpHost,
-        config.endpointPath
+        config.endpointPath,
+        void 0,
+        config.verbose
       );
       await server.start(transport);
-      console.error(
+      logger.error(
         `OpenAPI MCP Server running on http://${config.httpHost}:${config.httpPort}${config.endpointPath}`
       );
     } else {
       transport = new StdioServerTransport();
       await server.start(transport);
-      console.error("OpenAPI MCP Server running on stdio");
+      logger.error("OpenAPI MCP Server running on stdio");
     }
   } catch (error) {
-    console.error("Failed to start server:", error);
+    logger.fatal("Failed to start server:", error);
     process.exit(1);
   }
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ivotoby/openapi-mcp-server",
-  "version": "1.12.5",
+  "version": "1.14.0",
   "description": "An MCP server that exposes OpenAPI endpoints as resources",
   "license": "MIT",
   "type": "module",