@jgardner04/ghost-mcp-server 1.1.0 → 1.1.2

package/README.md

@@ -25,7 +25,6 @@ _(Refer to `src/mcp_server.js` for full resource schemas.)_
 Below is a guide for using the available MCP tools:
 
 1.  **`ghost_create_tag`**
-
     - **Purpose**: Creates a new tag.
     - **Inputs**:
       - `name` (string, required): The name for the new tag.
@@ -34,14 +33,12 @@ Below is a guide for using the available MCP tools:
     - **Output**: The created `ghost/tag` resource.
 
 2.  **`ghost_get_tags`**
-
     - **Purpose**: Retrieves existing tags. Can be used to find a tag ID or check if a tag exists before creation.
     - **Inputs**:
       - `name` (string, optional): Filter tags by exact name.
     - **Output**: An array of `ghost/tag` resources matching the filter (or all tags if no name is provided).
 
 3.  **`ghost_upload_image`**
-
     - **Purpose**: Uploads an image to Ghost for use, typically as a post's featured image.
     - **Inputs**:
       - `imageUrl` (string URL, required): A publicly accessible URL of the image to upload.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jgardner04/ghost-mcp-server",
-  "version": "1.1.0",
+  "version": "1.1.2",
   "description": "A Model Context Protocol (MCP) server for interacting with Ghost CMS via the Admin API",
   "author": "Jonathan Gardner",
   "type": "module",
@@ -42,7 +42,12 @@
     "start:mcp:websocket": "MCP_TRANSPORT=websocket node src/mcp_server_improved.js",
     "test": "vitest run",
     "test:watch": "vitest watch",
-    "test:coverage": "vitest run --coverage"
+    "test:coverage": "vitest run --coverage",
+    "lint": "eslint .",
+    "lint:fix": "eslint . --fix",
+    "format": "prettier --write \"**/*.{js,json,md}\"",
+    "format:check": "prettier --check \"**/*.{js,json,md}\"",
+    "prepare": "husky"
   },
   "dependencies": {
     "@anthropic-ai/sdk": "^0.39.0",
@@ -85,8 +90,21 @@
     "access": "public"
   },
   "license": "MIT",
+  "lint-staged": {
+    "*.js": [
+      "eslint --fix",
+      "prettier --write"
+    ]
+  },
   "devDependencies": {
+    "@eslint/js": "^9.39.1",
     "@vitest/coverage-v8": "^4.0.15",
+    "eslint": "^9.39.1",
+    "eslint-config-prettier": "^10.1.8",
+    "eslint-plugin-prettier": "^5.5.4",
+    "husky": "^9.1.7",
+    "lint-staged": "^16.2.7",
+    "prettier": "^3.7.4",
     "semantic-release": "^25.0.2",
     "vitest": "^4.0.15"
   }

package/src/config/mcp-config.js

@@ -4,7 +4,7 @@ dotenv.config();
 
 /**
  * MCP Server Configuration
- * 
+ *
  * Transport Options:
  * - 'stdio': Best for CLI tools and direct process communication
  * - 'http'/'sse': Good for web clients, supports CORS
@@ -15,42 +15,44 @@ export const mcpConfig = {
   transport: {
     type: process.env.MCP_TRANSPORT || 'http', // 'stdio', 'http', 'sse', 'websocket'
     port: parseInt(process.env.MCP_PORT || '3001'),
-    
+
     // HTTP/SSE specific options
     cors: process.env.MCP_CORS || '*',
     sseEndpoint: process.env.MCP_SSE_ENDPOINT || '/mcp/sse',
-    
+
     // WebSocket specific options
     wsPath: process.env.MCP_WS_PATH || '/',
     wsHeartbeatInterval: parseInt(process.env.MCP_WS_HEARTBEAT || '30000'),
   },
-  
+
   // Server metadata
   metadata: {
     name: process.env.MCP_SERVER_NAME || 'Ghost CMS Manager',
-    description: process.env.MCP_SERVER_DESC || 'MCP Server to manage a Ghost CMS instance using the Admin API.',
+    description:
+      process.env.MCP_SERVER_DESC ||
+      'MCP Server to manage a Ghost CMS instance using the Admin API.',
     version: process.env.MCP_SERVER_VERSION || '1.0.0',
   },
-  
+
   // Error handling
   errorHandling: {
     includeStackTrace: process.env.NODE_ENV === 'development',
     maxRetries: parseInt(process.env.MCP_MAX_RETRIES || '3'),
     retryDelay: parseInt(process.env.MCP_RETRY_DELAY || '1000'),
   },
-  
+
   // Logging
   logging: {
     level: process.env.MCP_LOG_LEVEL || 'info', // 'debug', 'info', 'warn', 'error'
     format: process.env.MCP_LOG_FORMAT || 'json', // 'json', 'text'
   },
-  
+
   // Security
   security: {
     // Add API key authentication if needed
     apiKey: process.env.MCP_API_KEY,
     allowedOrigins: process.env.MCP_ALLOWED_ORIGINS?.split(',') || ['*'],
-  }
+  },
 };
 
 /**
@@ -58,14 +60,14 @@ export const mcpConfig = {
  */
 export function getTransportConfig() {
   const { transport } = mcpConfig;
-  
+
   switch (transport.type) {
     case 'stdio':
       return {
         type: 'stdio',
         // No additional config needed for stdio
       };
-      
+
     case 'http':
     case 'sse':
       return {
@@ -74,7 +76,7 @@ export function getTransportConfig() {
         cors: transport.cors,
         endpoint: transport.sseEndpoint,
       };
-      
+
     case 'websocket':
       return {
         type: 'websocket',
@@ -82,7 +84,7 @@ export function getTransportConfig() {
         path: transport.wsPath,
         heartbeatInterval: transport.wsHeartbeatInterval,
       };
-      
+
     default:
       throw new Error(`Unknown transport type: ${transport.type}`);
   }
@@ -93,7 +95,7 @@ export function getTransportConfig() {
  */
 export function validateConfig() {
   const errors = [];
-  
+
   // Check if transport configuration exists
   if (!mcpConfig.transport) {
     errors.push('Missing transport configuration');
@@ -103,29 +105,36 @@ export function validateConfig() {
     if (!mcpConfig.transport.type || !validTransports.includes(mcpConfig.transport.type)) {
       errors.push(`Invalid transport type: ${mcpConfig.transport.type}`);
     }
-    
+
     // Check port for network transports
-    if (mcpConfig.transport.type && ['http', 'sse', 'websocket'].includes(mcpConfig.transport.type)) {
-      if (!mcpConfig.transport.port || mcpConfig.transport.port < 1 || mcpConfig.transport.port > 65535) {
+    if (
+      mcpConfig.transport.type &&
+      ['http', 'sse', 'websocket'].includes(mcpConfig.transport.type)
+    ) {
+      if (
+        !mcpConfig.transport.port ||
+        mcpConfig.transport.port < 1 ||
+        mcpConfig.transport.port > 65535
+      ) {
         errors.push(`Invalid port: ${mcpConfig.transport.port}`);
       }
     }
   }
-  
+
   // Check Ghost configuration
   if (!process.env.GHOST_ADMIN_API_URL) {
     errors.push('Missing GHOST_ADMIN_API_URL environment variable');
   }
-  
+
   if (!process.env.GHOST_ADMIN_API_KEY) {
     errors.push('Missing GHOST_ADMIN_API_KEY environment variable');
   }
-  
+
   if (errors.length > 0) {
     throw new Error(`Configuration errors:\n${errors.join('\n')}`);
   }
-  
+
   return true;
 }
 
-export default mcpConfig;
+export default mcpConfig;

package/src/controllers/imageController.js

@@ -1,12 +1,12 @@
-import multer from "multer";
-import path from "path";
-import fs from "fs";
-import os from "os"; // Import the os module
-import Joi from "joi";
-import crypto from "crypto";
-import { createContextLogger } from "../utils/logger.js";
-import { uploadImage as uploadGhostImage } from "../services/ghostService.js"; // Assuming uploadImage is in ghostService
-import { processImage } from "../services/imageProcessingService.js"; // Import the processing service
+import multer from 'multer';
+import path from 'path';
+import fs from 'fs';
+import os from 'os'; // Import the os module
+import Joi from 'joi';
+import crypto from 'crypto';
+import { createContextLogger } from '../utils/logger.js';
+import { uploadImage as uploadGhostImage } from '../services/ghostService.js'; // Assuming uploadImage is in ghostService
+import { processImage } from '../services/imageProcessingService.js'; // Import the processing service
 
 // --- Use OS temporary directory for uploads ---
 const uploadDir = os.tmpdir(); // Use the OS default temp directory
@@ -18,15 +18,21 @@ const uploadDir = os.tmpdir(); // Use the OS default temp directory
 // Validation schema for uploaded files (excluding size - validated by multer limits)
 const fileValidationSchema = Joi.object({
   originalname: Joi.string().max(255).required(),
-  mimetype: Joi.string().pattern(/^image\/(jpeg|jpg|png|gif|webp|svg\+xml)$/i).required()
+  mimetype: Joi.string()
+    .pattern(/^image\/(jpeg|jpg|png|gif|webp|svg\+xml)$/i)
+    .required(),
 });
 
 // Post-upload validation schema (when file.size is available)
 const uploadedFileValidationSchema = Joi.object({
   originalname: Joi.string().max(255).required(),
-  mimetype: Joi.string().pattern(/^image\/(jpeg|jpg|png|gif|webp|svg\+xml)$/i).required(),
-  size: Joi.number().max(10 * 1024 * 1024).required(), // 10MB max
-  path: Joi.string().required()
+  mimetype: Joi.string()
+    .pattern(/^image\/(jpeg|jpg|png|gif|webp|svg\+xml)$/i)
+    .required(),
+  size: Joi.number()
+    .max(10 * 1024 * 1024)
+    .required(), // 10MB max
+  path: Joi.string().required(),
 });
 
 // Safe filename generation
@@ -35,11 +41,11 @@ const generateSafeFilename = (originalName) => {
   // Validate extension against whitelist
   const allowedExtensions = ['.jpg', '.jpeg', '.png', '.gif', '.webp', '.svg'];
   const normalizedExt = ext.toLowerCase();
-  
+
   if (!allowedExtensions.includes(normalizedExt)) {
     throw new Error('Invalid file extension');
   }
-  
+
   // Generate cryptographically secure random filename
   const randomBytes = crypto.randomBytes(16).toString('hex');
   const timestamp = Date.now();
@@ -67,36 +73,36 @@ const imageFileFilter = (req, file, cb) => {
   // Validate file properties (excluding size - not available at this stage)
   const validation = fileValidationSchema.validate({
     originalname: file.originalname,
-    mimetype: file.mimetype
+    mimetype: file.mimetype,
   });
-  
+
   if (validation.error) {
     return cb(new Error(`File validation failed: ${validation.error.details[0].message}`), false);
   }
-  
+
   // Additional security checks
   const filename = file.originalname;
-  
+
   // Check for path traversal attempts
   if (filename.includes('../') || filename.includes('..\\') || path.isAbsolute(filename)) {
     return cb(new Error('Invalid filename: Path traversal detected'), false);
   }
-  
+
   // Check for null bytes
   if (filename.includes('\0')) {
     return cb(new Error('Invalid filename: Null byte detected'), false);
   }
-  
+
   cb(null, true);
 };
 
-const upload = multer({ 
-  storage: storage, 
+const upload = multer({
+  storage: storage,
   fileFilter: imageFileFilter,
   limits: {
     fileSize: 10 * 1024 * 1024, // 10MB
-    files: 1 // Only allow 1 file per request
-  }
+    files: 1, // Only allow 1 file per request
+  },
 });
 
 /**
@@ -110,25 +116,19 @@ const getDefaultAltText = (originalName) => {
     // Use the original filename directly instead of a file path to avoid path traversal
     // Validate the input is a string and not a path
     if (!originalName || typeof originalName !== 'string') {
-      return "Uploaded image";
+      return 'Uploaded image';
     }
-    
+
     // Ensure no path separators are present (defense in depth)
     const sanitizedName = originalName.replace(/[/\\:]/g, '');
-    
-    const originalFilename = sanitizedName
-      .split(".")
-      .slice(0, -1)
-      .join(".");
-    
+
+    const originalFilename = sanitizedName.split('.').slice(0, -1).join('.');
+
     // Attempt to remove common prefixes/suffixes added during upload/processing
-    const nameWithoutIds = originalFilename.replace(
-      /^(processed-|mcp-upload-)\d+-\d+-?/,
-      ""
-    );
-    return nameWithoutIds.replace(/[-_]/g, " ") || "Uploaded image";
-  } catch (e) {
-    return "Uploaded image"; // Fallback
+    const nameWithoutIds = originalFilename.replace(/^(processed-|mcp-upload-)\d+-\d+-?/, '');
+    return nameWithoutIds.replace(/[-_]/g, ' ') || 'Uploaded image';
+  } catch (_e) {
+    return 'Uploaded image'; // Fallback
   }
 };
 
@@ -143,51 +143,51 @@ const handleImageUpload = async (req, res, next) => {
 
   try {
     if (!req.file) {
-      return res.status(400).json({ message: "No image file uploaded." });
+      return res.status(400).json({ message: 'No image file uploaded.' });
     }
-    
+
     // Post-upload validation with complete file information
     const fileValidation = uploadedFileValidationSchema.validate({
       originalname: req.file.originalname,
       mimetype: req.file.mimetype,
       size: req.file.size,
-      path: req.file.path
+      path: req.file.path,
     });
-    
+
     if (fileValidation.error) {
       // Delete the uploaded file since validation failed
       // Validate file path is within upload directory before deletion
       const filePath = req.file.path;
       const resolvedFilePath = path.resolve(filePath);
       const resolvedUploadDir = path.resolve(uploadDir);
-      
+
       if (resolvedFilePath.startsWith(resolvedUploadDir)) {
         fs.unlink(filePath, () => {});
       }
-      
-      return res.status(400).json({ 
-        message: `File validation failed: ${fileValidation.error.details[0].message}` 
+
+      return res.status(400).json({
+        message: `File validation failed: ${fileValidation.error.details[0].message}`,
       });
     }
-    
+
     // Validate the file path is within our temp directory (defense in depth)
     originalPath = req.file.path;
     const resolvedPath = path.resolve(originalPath);
     const resolvedUploadDir = path.resolve(uploadDir);
-    
+
     if (!resolvedPath.startsWith(resolvedUploadDir)) {
       logger.error('Security violation: File path outside upload directory', {
         filePath: path.basename(originalPath),
-        uploadDir: path.basename(uploadDir)
+        uploadDir: path.basename(uploadDir),
       });
       throw new Error('Security violation: File path outside of upload directory');
     }
-    
+
     logger.info('Image received for processing', {
       originalName: req.file.originalname,
       size: req.file.size,
       mimetype: req.file.mimetype,
-      tempFile: path.basename(originalPath)
+      tempFile: path.basename(originalPath),
     });
 
     // Process Image (output directory is still the temp dir)
@@ -197,11 +197,11 @@ const handleImageUpload = async (req, res, next) => {
     // Validate and sanitize alt text from the request body
     const altSchema = Joi.string().max(500).allow('').optional();
     const { error, value: sanitizedAlt } = altSchema.validate(req.body.alt);
-    
+
     if (error) {
       return res.status(400).json({ message: `Invalid alt text: ${error.details[0].message}` });
     }
-    
+
     const providedAlt = sanitizedAlt;
     // Generate a default alt text from the original filename if none provided
     const defaultAlt = getDefaultAltText(req.file.originalname);
@@ -209,7 +209,7 @@ const handleImageUpload = async (req, res, next) => {
     logger.debug('Alt text determined', {
       provided: !!providedAlt,
       generated: !providedAlt,
-      altText
+      altText,
     });
     // --- End Alt Text Handling ---
 
@@ -217,7 +217,7 @@ const handleImageUpload = async (req, res, next) => {
     const uploadResult = await uploadGhostImage(processedPath);
     logger.info('Image uploaded to Ghost successfully', {
       ghostUrl: uploadResult.url,
-      processedFile: path.basename(processedPath)
+      processedFile: path.basename(processedPath),
     });
 
     // Respond with the URL and the determined alt text
@@ -227,7 +227,7 @@ const handleImageUpload = async (req, res, next) => {
       error: error.message,
       stack: error.stack,
       originalFile: originalPath ? path.basename(originalPath) : null,
-      processedFile: processedPath ? path.basename(processedPath) : null
+      processedFile: processedPath ? path.basename(processedPath) : null,
     });
     // If it's a multer error (e.g., file filter), it might need specific handling
     if (error instanceof multer.MulterError) {
@@ -240,13 +240,13 @@ const handleImageUpload = async (req, res, next) => {
     if (originalPath) {
       const resolvedOriginalPath = path.resolve(originalPath);
       const resolvedUploadDir = path.resolve(uploadDir);
-      
+
       if (resolvedOriginalPath.startsWith(resolvedUploadDir)) {
         fs.unlink(originalPath, (err) => {
           if (err)
             logger.warn('Failed to delete original temp file', {
               file: path.basename(originalPath),
-              error: err.message
+              error: err.message,
             });
         });
       }
@@ -254,13 +254,13 @@ const handleImageUpload = async (req, res, next) => {
     if (processedPath && processedPath !== originalPath) {
       const resolvedProcessedPath = path.resolve(processedPath);
       const resolvedUploadDir = path.resolve(uploadDir);
-      
+
       if (resolvedProcessedPath.startsWith(resolvedUploadDir)) {
         fs.unlink(processedPath, (err) => {
           if (err)
             logger.warn('Failed to delete processed temp file', {
               file: path.basename(processedPath),
-              error: err.message
+              error: err.message,
             });
         });
       }

package/src/controllers/postController.js

@@ -1,5 +1,5 @@
-import { createPostService } from "../services/postService.js";
-import { createContextLogger } from "../utils/logger.js";
+import { createPostService } from '../services/postService.js';
+import { createContextLogger } from '../utils/logger.js';
 
 /**
  * Controller to handle creating a new post.
@@ -9,7 +9,7 @@ import { createContextLogger } from "../utils/logger.js";
  */
 const createPost = async (req, res, next) => {
   const logger = createContextLogger('post-controller');
-  
+
   try {
     // Input is already validated by express-validator middleware
     // The body now includes potential feature_image and metadata fields
@@ -19,16 +19,16 @@ const createPost = async (req, res, next) => {
       title: postInput.title,
       status: postInput.status,
       hasFeatureImage: !!postInput.feature_image,
-      tagCount: postInput.tags?.length || 0
+      tagCount: postInput.tags?.length || 0,
     });
-    
+
     // Call the service layer function
     const newPost = await createPostService(postInput);
-    
+
     logger.info('Post created successfully', {
       postId: newPost.id,
       title: newPost.title,
-      status: newPost.status
+      status: newPost.status,
     });
 
     res.status(201).json(newPost);
@@ -36,7 +36,7 @@ const createPost = async (req, res, next) => {
     logger.error('Post creation failed', {
       error: error.message,
       stack: error.stack,
-      title: req.body?.title
+      title: req.body?.title,
     });
     // Pass error to the Express error handler
     next(error);

package/src/controllers/tagController.js

@@ -1,8 +1,5 @@
-import {
-  getTags as getGhostTags,
-  createTag as createGhostTag,
-} from "../services/ghostService.js";
-import { createContextLogger } from "../utils/logger.js";
+import { getTags as getGhostTags, createTag as createGhostTag } from '../services/ghostService.js';
+import { createContextLogger } from '../utils/logger.js';
 
 /**
  * Controller to handle fetching tags.
@@ -10,26 +7,26 @@ import { createContextLogger } from "../utils/logger.js";
  */
 const getTags = async (req, res, next) => {
   const logger = createContextLogger('tag-controller');
-  
+
   try {
     const { name } = req.query; // Get name from query params like /api/tags?name=some-tag
     logger.info('Fetching tags', {
       filtered: !!name,
-      filterName: name
+      filterName: name,
     });
-    
+
     const tags = await getGhostTags(name);
-    
+
     logger.info('Tags retrieved successfully', {
       count: tags.length,
-      filtered: !!name
+      filtered: !!name,
     });
-    
+
     res.status(200).json(tags);
   } catch (error) {
     logger.error('Get tags failed', {
       error: error.message,
-      filterName: req.query?.name
+      filterName: req.query?.name,
     });
     next(error);
   }
@@ -40,35 +37,35 @@ const getTags = async (req, res, next) => {
  */
 const createTag = async (req, res, next) => {
   const logger = createContextLogger('tag-controller');
-  
+
   try {
     // Basic validation (more could be added via express-validator)
     const { name, description, slug, ...otherData } = req.body;
     if (!name) {
       logger.warn('Tag creation attempted without name');
-      return res.status(400).json({ message: "Tag name is required." });
+      return res.status(400).json({ message: 'Tag name is required.' });
     }
     const tagData = { name, description, slug, ...otherData };
 
     logger.info('Creating tag', {
       name,
       hasDescription: !!description,
-      hasSlug: !!slug
+      hasSlug: !!slug,
     });
-    
+
     const newTag = await createGhostTag(tagData);
-    
+
     logger.info('Tag created successfully', {
       tagId: newTag.id,
       name: newTag.name,
-      slug: newTag.slug
+      slug: newTag.slug,
     });
-    
+
     res.status(201).json(newTag);
   } catch (error) {
     logger.error('Tag creation failed', {
       error: error.message,
-      tagName: req.body?.name
+      tagName: req.body?.name,
     });
     next(error);
   }