@jaypie/mcp 0.7.29 → 0.7.31

package/dist/suites/docs/index.js

@@ -9,7 +9,7 @@ import { gt } from 'semver';
 /**
  * Docs Suite - Documentation services (skill, version, release_notes)
  */
-const BUILD_VERSION_STRING = "@jaypie/mcp@0.7.29#c4402727"
+const BUILD_VERSION_STRING = "@jaypie/mcp@0.7.31#0a295f43"
     ;
 const __filename$1 = fileURLToPath(import.meta.url);
 const __dirname$1 = path.dirname(__filename$1);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jaypie/mcp",
-  "version": "0.7.29",
+  "version": "0.7.31",
   "description": "Jaypie MCP",
   "repository": {
     "type": "git",

package/release-notes/express/1.2.14.md

@@ -0,0 +1,10 @@
+---
+version: 1.2.14
+date: 2026-03-02
+summary: Remove x-powered-by header instead of setting it
+---
+
+## Changes
+
+- Changed `decorateResponse` to remove the `X-Powered-By` header instead of setting it to `@jaypie/express`
+- Added `safeRemoveHeader` helper with support for dd-trace bypass, Lambda adapter, and standard Node.js responses

package/release-notes/express/1.2.15.md

@@ -0,0 +1,10 @@
+---
+version: 1.2.15
+date: 2026-03-03
+summary: Redact sensitive headers in request summary logs
+---
+
+## Changes
+
+- `summarizeRequest` now redacts `authorization`, `cookie`, and `set-cookie` headers before logging
+- Fixes plaintext auth tokens appearing in `log.info.var({ req })` output

package/release-notes/jaypie/1.2.16.md

@@ -0,0 +1,11 @@
+---
+version: 1.2.16
+date: 2026-03-02
+summary: Dependency updates for kit, logger, and express
+---
+
+## Changes
+
+- Updated `@jaypie/kit` to 1.2.2 (jaypieKey functions)
+- Updated `@jaypie/logger` to 1.2.4 (sanitize auth headers)
+- Updated `@jaypie/express` to 1.2.14 (remove x-powered-by)

package/release-notes/jaypie/1.2.17.md

@@ -0,0 +1,9 @@
+---
+version: 1.2.17
+date: 2026-03-03
+summary: Dependency update for express 1.2.15
+---
+
+## Changes
+
+- Updated `@jaypie/express` to 1.2.15 (redact sensitive headers in request logs)

package/release-notes/kit/1.2.2.md

@@ -0,0 +1,13 @@
+---
+version: 1.2.2
+date: 2026-03-02
+summary: Add generateJaypieKey, validateJaypieKey, and hashJaypieKey functions
+---
+
+## Changes
+
+- Added `generateJaypieKey({ checksum, issuer, length, pool, prefix, separator })` for API key generation using `crypto.randomBytes`
+- Added `validateJaypieKey(key, options)` for format and checksum validation
+- Added `hashJaypieKey(key, { salt })` for SHA-256/HMAC-SHA256 key hashing with salt from param or `PROJECT_SALT` env
+- All params optional with sensible defaults; zero-param `generateJaypieKey()` produces `sk_<32 base62><4 checksum>`
+- Checksum algorithm is backward-compatible with existing garden API key format

package/release-notes/logger/1.2.4.md

@@ -0,0 +1,12 @@
+---
+version: 1.2.4
+date: 2026-03-02
+summary: Sanitize authorization headers in logger output
+---
+
+## Changes
+
+- Added `sanitizeAuth` that redacts authorization headers before logging
+- `sk-*` tokens are redacted to `sk_<last4>`, other values to `md5_<last4>`
+- Handles top-level `authorization` keys and nested `headers.authorization`
+- Original objects are never mutated

package/release-notes/logger/1.2.5.md

@@ -0,0 +1,9 @@
+---
+version: 1.2.5
+date: 2026-03-03
+summary: Export redactAuth and sanitizeAuth utilities
+---
+
+## Changes
+
+- Exported `redactAuth` and `sanitizeAuth` functions for use by other packages

package/release-notes/mcp/0.7.30.md

@@ -0,0 +1,9 @@
+---
+version: 0.7.30
+date: 2026-03-02
+summary: Release notes for kit 1.2.2, testkit 1.2.22, logger 1.2.4, express 1.2.14, jaypie 1.2.16
+---
+
+## Changes
+
+- Added release notes for `@jaypie/kit` 1.2.2, `@jaypie/testkit` 1.2.22, `@jaypie/logger` 1.2.4, `@jaypie/express` 1.2.14, `jaypie` 1.2.16

package/release-notes/mcp/0.7.31.md

@@ -0,0 +1,9 @@
+---
+version: 0.7.31
+date: 2026-03-03
+summary: Release notes for express 1.2.15, jaypie 1.2.17
+---
+
+## Changes
+
+- Added release notes for `@jaypie/express` 1.2.15, `jaypie` 1.2.17

package/release-notes/testkit/1.2.22.md

@@ -0,0 +1,11 @@
+---
+version: 1.2.22
+date: 2026-03-02
+summary: Add mocks for jaypieKey functions
+---
+
+## Changes
+
+- Added `generateJaypieKey` mock returning deterministic key string
+- Added `validateJaypieKey` mock returning `true`
+- Added `hashJaypieKey` mock returning deterministic 64-char hex string

package/release-notes/testkit/1.2.23.md

@@ -0,0 +1,9 @@
+---
+version: 1.2.23
+date: 2026-03-03
+summary: Re-export redactAuth and sanitizeAuth from logger
+---
+
+## Changes
+
+- Re-export `redactAuth` and `sanitizeAuth` from `@jaypie/logger` in mock logger

package/skills/express.md

@@ -111,7 +111,7 @@ app.use(cors({ origin: ["https://a.com", "https://b.com"] }));
 ```typescript
 import { EXPRESS } from "jaypie";
 
-EXPRESS.HEADER.POWERED_BY    // "x-powered-by"
+EXPRESS.HEADER.POWERED_BY    // "x-powered-by" (removed by decorateResponse)
 EXPRESS.HEADER.PROJECT_KEY   // "x-project-key"
 EXPRESS.HEADER.REQUEST_ID    // "x-request-id"
 EXPRESS.PROJECT.EXPRESS      // "@jaypie/express"