npm - @jagilber-org/index-server - Versions diffs - 1.26.1 → 1.26.4 - Mend

@jagilber-org/index-server 1.26.1 → 1.26.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/CHANGELOG.md +4 -0
package/dist/dashboard/client/admin.html +26 -26
package/package.json +2 -1
package/scripts/generate-certs.mjs +201 -0
package/server.json +20 -1

package/CHANGELOG.md CHANGED Viewed

@@ -1437,3 +1437,7 @@ No client changes required. Enable `INDEX_SERVER_MEMOIZE=1` (and optionally `IND
 ### Added
 - Add --init-cert CLI switch for self-signed dashboard TLS bootstrap (PR #233, issue #232)
+## [1.26.2] - 2026-04-27
+## [1.26.4] - 2026-04-28

package/dist/dashboard/client/admin.html CHANGED Viewed

@@ -1,29 +1,29 @@
 <!DOCTYPE html>
 <html lang="en">
 <head>
-    <meta name="dashboard-build-version" content="1.26.1-9badd8dd">
+    <meta name="dashboard-build-version" content="1.26.4-9badd8dd">
     <meta charset="UTF-8">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>Index Server Admin</title>
-    <link rel="stylesheet" href="css/admin.css?v=1.26.1-9badd8dd">
-    <script defer src="js/admin.utils.js?v=1.26.1-9badd8dd"></script>
-    <script defer src="js/admin.auth.js?v=1.26.1-9badd8dd"></script>
-    <script defer src="js/admin.overview.js?v=1.26.1-9badd8dd"></script>
-    <script defer src="js/admin.sessions.js?v=1.26.1-9badd8dd"></script>
-    <script defer src="js/admin.monitor.js?v=1.26.1-9badd8dd"></script>
-    <script defer src="js/admin.graph.js?v=1.26.1-9badd8dd"></script>
+    <link rel="stylesheet" href="css/admin.css?v=1.26.4-9badd8dd">
+    <script defer src="js/admin.utils.js?v=1.26.4-9badd8dd"></script>
+    <script defer src="js/admin.auth.js?v=1.26.4-9badd8dd"></script>
+    <script defer src="js/admin.overview.js?v=1.26.4-9badd8dd"></script>
+    <script defer src="js/admin.sessions.js?v=1.26.4-9badd8dd"></script>
+    <script defer src="js/admin.monitor.js?v=1.26.4-9badd8dd"></script>
+    <script defer src="js/admin.graph.js?v=1.26.4-9badd8dd"></script>
     <script defer src="js/marked.umd.js"></script>
-    <script defer src="js/admin.instructions.js?v=1.26.1-9badd8dd"></script>
-    <script defer src="js/admin.logs.js?v=1.26.1-9badd8dd"></script>
-    <script defer src="js/admin.maintenance.js?v=1.26.1-9badd8dd"></script>
-    <script defer src="js/admin.config.js?v=1.26.1-9badd8dd"></script>
-    <script defer src="js/admin.performance.js?v=1.26.1-9badd8dd"></script>
-    <script defer src="js/admin.instances.js?v=1.26.1-9badd8dd"></script>
-    <script defer src="js/admin.embeddings.js?v=1.26.1-9badd8dd"></script>
-    <script defer src="js/admin.messaging.js?v=1.26.1-9badd8dd"></script>
-    <script defer src="js/admin.sqlite.js?v=1.26.1-9badd8dd"></script>
-    <script defer src="js/admin.boot.js?v=1.26.1-9badd8dd"></script>
-    <script defer src="js/admin.feedback.js?v=1.26.1-9badd8dd"></script>
+    <script defer src="js/admin.instructions.js?v=1.26.4-9badd8dd"></script>
+    <script defer src="js/admin.logs.js?v=1.26.4-9badd8dd"></script>
+    <script defer src="js/admin.maintenance.js?v=1.26.4-9badd8dd"></script>
+    <script defer src="js/admin.config.js?v=1.26.4-9badd8dd"></script>
+    <script defer src="js/admin.performance.js?v=1.26.4-9badd8dd"></script>
+    <script defer src="js/admin.instances.js?v=1.26.4-9badd8dd"></script>
+    <script defer src="js/admin.embeddings.js?v=1.26.4-9badd8dd"></script>
+    <script defer src="js/admin.messaging.js?v=1.26.4-9badd8dd"></script>
+    <script defer src="js/admin.sqlite.js?v=1.26.4-9badd8dd"></script>
+    <script defer src="js/admin.boot.js?v=1.26.4-9badd8dd"></script>
+    <script defer src="js/admin.feedback.js?v=1.26.4-9badd8dd"></script>
 </head>
 <body>
     <div class="admin-container admin-root">
@@ -879,10 +879,10 @@
             }
         }
-        // Graph logic was extracted to js/admin.graph.js?v=1.26.1-9badd8dd
+        // Graph logic was extracted to js/admin.graph.js?v=1.26.4-9badd8dd
         // Functions available globally: reloadGraphMermaid, initGraphScopeDefaults, copyMermaidSource, toggleGraphEdit, applyGraphEdit, cancelGraphEdit, refreshDrillCategories, loadDrillInstructions, clearSelections
-        <!-- overview functions moved to js/admin.overview.js?v=1.26.1-9badd8dd -->
+        <!-- overview functions moved to js/admin.overview.js?v=1.26.4-9badd8dd -->
         // Lightweight overview-level maintenance display (optional)
         // Intentionally minimal to avoid blocking overview rendering.
@@ -1067,7 +1067,7 @@
         }
         // --- Backup / Restore ---
-        // Extracted to js/admin.maintenance.js?v=1.26.1-9badd8dd
+        // Extracted to js/admin.maintenance.js?v=1.26.4-9badd8dd
         async function performBackup() {
             try {
@@ -1133,7 +1133,7 @@
         }
                 async function loadConfiguration() {
-                    // Primary implementation in js/admin.config.js?v=1.26.1-9badd8dd (loaded via defer).
+                    // Primary implementation in js/admin.config.js?v=1.26.4-9badd8dd (loaded via defer).
                     // This inline fallback only fires if the external script failed to load.
                     if (window.__configExternalLoaded) return;
                     try {
@@ -1193,10 +1193,10 @@
                         return false;
                 }
-        // Monitoring functions moved to js/admin.monitor.js?v=1.26.1-9badd8dd
+        // Monitoring functions moved to js/admin.monitor.js?v=1.26.4-9badd8dd
         // ===== Log Viewer =====
-        // Extracted to js/admin.logs.js?v=1.26.1-9badd8dd
+        // Extracted to js/admin.logs.js?v=1.26.4-9badd8dd
         // ===== Instruction Management =====
         let instructionEditing = null;
@@ -1693,7 +1693,7 @@
             setInterval(fetchResourceTrends, 10000);
         })();
-        // Instruction management logic extracted to js/admin.instructions.js?v=1.26.1-9badd8dd
+        // Instruction management logic extracted to js/admin.instructions.js?v=1.26.4-9badd8dd
         // Functions exposed globally: loadInstructions, renderInstructionList, editInstruction, saveInstruction, deleteInstruction, etc.
         function startAutoRefresh() {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@jagilber-org/index-server",
-  "version": "1.26.1",
+  "version": "1.26.4",
   "mcpName": "io.github.jagilber-org/index-server",
   "description": "MCP instruction indexing server for AI assistant governance — search, CRUD, schema validation, usage tracking, and cross-repo knowledge promotion.",
   "publishConfig": {
@@ -18,6 +18,7 @@
     "templates/",
     "scripts/copy-dashboard-assets.mjs",
     "scripts/setup-hooks.cjs",
+    "scripts/generate-certs.mjs",
     "scripts/setup-wizard.mjs",
     "server.json",
     "README.md",

package/scripts/generate-certs.mjs ADDED Viewed

@@ -0,0 +1,201 @@
+#!/usr/bin/env node
+/**
+ * generate-certs.mjs — Generate self-signed TLS certificates for Index Server.
+ *
+ * Creates a CA + server certificate pair in ./certs/ for HTTPS dashboard access.
+ * For production, replace with certificates from a real CA.
+ *
+ * Usage:
+ *   node scripts/generate-certs.mjs [--hostname <name>] [--days <n>] [--output <dir>]
+ */
+import { execFileSync } from 'child_process';
+import fs from 'fs';
+import path from 'path';
+import { fileURLToPath } from 'url';
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const ROOT = path.resolve(__dirname, '..');
+function parseArgs() {
+  const args = process.argv.slice(2);
+  const config = {
+    hostname: 'localhost',
+    days: 365,
+    outputDir: path.join(ROOT, 'certs'),
+    keySize: 4096,
+  };
+  for (let i = 0; i < args.length; i++) {
+    if (args[i] === '--hostname' && args[i + 1]) config.hostname = args[++i];
+    else if (args[i] === '--days' && args[i + 1]) config.days = parseInt(args[++i], 10);
+    else if (args[i] === '--output' && args[i + 1]) config.outputDir = path.resolve(args[++i]);
+    else if (args[i] === '--key-size' && args[i + 1]) config.keySize = parseInt(args[++i], 10);
+    else if (args[i] === '--help') {
+      console.log(`Usage: generate-certs.mjs [options]
+  --hostname <name>  Server hostname (default: localhost)
+  --days <n>         Certificate validity in days (default: 365)
+  --output <dir>     Output directory (default: ./certs)
+  --key-size <bits>  RSA key size (default: 4096)`);
+      process.exit(0);
+    }
+  }
+  return config;
+}
+const WELL_KNOWN_OPENSSL_DIRS = [
+  'C:\\Program Files\\Git\\usr\\bin',
+  'C:\\Program Files (x86)\\Git\\usr\\bin',
+  'C:\\Program Files\\OpenSSL-Win64\\bin',
+  'C:\\Program Files\\OpenSSL\\bin',
+];
+function checkOpenssl() {
+  try {
+    execFileSync('openssl', ['version'], { stdio: 'pipe' });
+    return true;
+  } catch {
+    // Try well-known paths on Windows
+    for (const dir of WELL_KNOWN_OPENSSL_DIRS) {
+      const exe = path.join(dir, 'openssl.exe');
+      if (fs.existsSync(exe)) {
+        console.log(`ℹ️  Found OpenSSL at: ${dir}`);
+        process.env.PATH = `${dir}${path.delimiter}${process.env.PATH}`;
+        return true;
+      }
+    }
+    return false;
+  }
+}
+function runOpenSsl(args, options = {}) {
+  execFileSync('openssl', args, { stdio: 'pipe', ...options });
+}
+function generateCerts(config) {
+  const { hostname, days, outputDir, keySize } = config;
+  // Validate hostname to prevent command injection via -subj parameter
+  if (!/^[a-zA-Z0-9._-]+$/.test(hostname)) {
+    console.error(`❌ Invalid hostname: "${hostname}". Only alphanumeric, dots, hyphens, and underscores allowed.`);
+    process.exit(1);
+  }
+  if (!Number.isInteger(days) || days < 1 || days > 3650) {
+    console.error(`❌ Invalid days value: "${days}". Expected an integer between 1 and 3650.`);
+    process.exit(1);
+  }
+  if (!Number.isInteger(keySize) || ![2048, 3072, 4096].includes(keySize)) {
+    console.error(`❌ Invalid key size: "${keySize}". Allowed values: 2048, 3072, 4096.`);
+    process.exit(1);
+  }
+  // Ensure output directory exists
+  fs.mkdirSync(outputDir, { recursive: true });
+  const caKeyPath = path.join(outputDir, 'ca.key');
+  const caCertPath = path.join(outputDir, 'ca.crt');
+  const serverKeyPath = path.join(outputDir, 'server.key');
+  const serverCsrPath = path.join(outputDir, 'server.csr');
+  const serverCertPath = path.join(outputDir, 'server.crt');
+  const extPath = path.join(outputDir, 'server.ext');
+  const cnfPath = path.join(outputDir, 'openssl.cnf');
+  console.log(`\n🔐 Generating TLS certificates for: ${hostname}`);
+  console.log(`   Output: ${outputDir}`);
+  console.log(`   Validity: ${days} days`);
+  console.log(`   Key size: ${keySize} bits\n`);
+  // Create a minimal openssl config to avoid system config issues (Windows compat)
+  const cnfContent = `[req]
+distinguished_name = req_dn
+prompt = no
+[req_dn]
+C = US
+ST = Dev
+L = Local
+O = IndexServer
+`;
+  fs.writeFileSync(cnfPath, cnfContent, 'utf8');
+  const cnfEnv = { ...process.env, OPENSSL_CONF: cnfPath };
+  // Step 1: Generate CA private key
+  console.log('1/5 Generating CA private key...');
+  runOpenSsl(['genrsa', '-out', caKeyPath, String(keySize)], { env: cnfEnv });
+  // Step 2: Generate CA certificate
+  console.log('2/5 Generating CA certificate...');
+  runOpenSsl([
+    'req', '-x509', '-new', '-nodes', '-key', caKeyPath, '-sha256', '-days', String(days),
+    '-subj', '/C=US/ST=Dev/L=Local/O=IndexServer/OU=Dev/CN=IndexServerCA',
+    '-config', cnfPath, '-out', caCertPath,
+  ], { env: cnfEnv });
+  // Step 3: Generate server private key
+  console.log('3/5 Generating server private key...');
+  runOpenSsl(['genrsa', '-out', serverKeyPath, String(keySize)], { env: cnfEnv });
+  // Step 4: Generate server CSR
+  console.log('4/5 Generating server CSR...');
+  runOpenSsl([
+    'req', '-new', '-key', serverKeyPath,
+    '-subj', `/C=US/ST=Dev/L=Local/O=IndexServer/OU=Server/CN=${hostname}`,
+    '-config', cnfPath, '-out', serverCsrPath,
+  ], { env: cnfEnv });
+  // Step 5: Create extensions file and sign server cert
+  console.log('5/5 Signing server certificate...');
+  const extContent = `authorityKeyIdentifier=keyid,issuer
+basicConstraints=CA:FALSE
+keyUsage=digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment
+subjectAltName=@alt_names
+[alt_names]
+DNS.1=${hostname}
+DNS.2=*.${hostname}
+IP.1=127.0.0.1
+IP.2=::1`;
+  fs.writeFileSync(extPath, extContent, 'utf8');
+  runOpenSsl([
+    'x509', '-req', '-in', serverCsrPath, '-CA', caCertPath, '-CAkey', caKeyPath,
+    '-CAcreateserial', '-out', serverCertPath, '-days', String(days), '-sha256', '-extfile', extPath,
+  ], { env: cnfEnv });
+  // Cleanup intermediate files
+  try { fs.unlinkSync(serverCsrPath); } catch { /* ok */ }
+  try { fs.unlinkSync(extPath); } catch { /* ok */ }
+  try { fs.unlinkSync(cnfPath); } catch { /* ok */ }
+  try { fs.unlinkSync(path.join(outputDir, 'ca.srl')); } catch { /* ok */ }
+  // Set restrictive permissions on private keys
+  try {
+    fs.chmodSync(caKeyPath, 0o600);
+    fs.chmodSync(serverKeyPath, 0o600);
+  } catch { /* Windows doesn't support chmod */ }
+  console.log('\n✅ TLS certificates generated successfully:');
+  console.log(`   CA cert:     ${caCertPath}`);
+  console.log(`   Server cert: ${serverCertPath}`);
+  console.log(`   Server key:  ${serverKeyPath}`);
+  console.log(`   CA key:      ${caKeyPath}`);
+  console.log('\nTo use with Docker:');
+  console.log('  docker compose --profile tls up -d');
+  console.log('\nTo use standalone:');
+  console.log(`  INDEX_SERVER_DASHBOARD_TLS=1 \\`);
+  console.log(`  INDEX_SERVER_DASHBOARD_TLS_CERT=${serverCertPath} \\`);
+  console.log(`  INDEX_SERVER_DASHBOARD_TLS_KEY=${serverKeyPath} \\`);
+  console.log('  node dist/server/index-server.js --dashboard');
+}
+// Main
+const config = parseArgs();
+if (!checkOpenssl()) {
+  console.error('❌ OpenSSL is not installed or not in PATH.');
+  console.error('   Install OpenSSL and try again.');
+  console.error('   Options:');
+  console.error('   - Install Git for Windows (includes OpenSSL): https://git-scm.com/download/win');
+  console.error('   - Install OpenSSL directly: https://slproweb.com/products/Win32OpenSSL.html');
+  console.error('   - On Linux/macOS: sudo apt install openssl / brew install openssl');
+  process.exit(1);
+}
+generateCerts(config);

package/server.json CHANGED Viewed

@@ -1 +1,20 @@
-{  "$schema": "https://static.modelcontextprotocol.io/schemas/2025-12-11/server.schema.json",  "name": "io.github.jagilber-org/index-server",  "description": "MCP instruction indexing server for AI assistant governance — search, CRUD, schema validation, usage tracking, and cross-repo knowledge promotion.",  "repository": {    "url": "https://github.com/jagilber-org/index-server",    "source": "github"  },  "version": "1.26.1",  "packages": [    {      "registryType": "npm",      "identifier": "@jagilber-org/index-server",      "version": "1.26.1",      "transport": {        "type": "stdio"      }    }  ]}
+{
+  "$schema": "https://static.modelcontextprotocol.io/schemas/2025-12-11/server.schema.json",
+  "name": "io.github.jagilber-org/index-server",
+  "description": "MCP instruction indexing server for AI assistant governance — search, CRUD, schema validation, usage tracking, and cross-repo knowledge promotion.",
+  "repository": {
+    "url": "https://github.com/jagilber-org/index-server",
+    "source": "github"
+  },
+  "version": "1.26.4",
+  "packages": [
+    {
+      "registryType": "npm",
+      "identifier": "@jagilber-org/index-server",
+      "version": "1.26.4",
+      "transport": {
+        "type": "stdio"
+      }
+    }
+  ]
+}