@jtalk22/slack-mcp 1.2.4 → 3.0.0

package/scripts/release-preflight.js

@@ -0,0 +1,243 @@
+#!/usr/bin/env node
+
+import { spawnSync } from "child_process";
+import { mkdirSync, writeFileSync } from "fs";
+import { dirname, resolve } from "path";
+import { fileURLToPath } from "url";
+
+const __dirname = dirname(fileURLToPath(import.meta.url));
+const ROOT = resolve(__dirname, "..");
+const REPORT_PATH = resolve(ROOT, "docs", "release-health", "prepublish-dry-run.md");
+
+const EXPECTED_NAME = process.env.EXPECTED_GIT_NAME || "jtalk22";
+const EXPECTED_EMAIL = process.env.EXPECTED_GIT_EMAIL || "james@revasser.nyc";
+const OWNER_RANGE = process.env.OWNER_CHECK_RANGE || "origin/main..HEAD";
+
+function run(command, args = [], options = {}) {
+  return spawnSync(command, args, {
+    cwd: ROOT,
+    encoding: "utf8",
+    env: process.env,
+    maxBuffer: 20 * 1024 * 1024,
+    ...options
+  });
+}
+
+function trimOutput(text = "", maxChars = 1200) {
+  const normalized = String(text || "").trim();
+  if (!normalized) return "";
+  if (normalized.length <= maxChars) return normalized;
+  return `${normalized.slice(0, maxChars)}... [truncated]`;
+}
+
+function stepResult(name, command, ok, details = "", commandOutput = "") {
+  return { name, command, ok, details, commandOutput };
+}
+
+function gitIdentityStep() {
+  const nameResult = run("git", ["config", "--get", "user.name"]);
+  const emailResult = run("git", ["config", "--get", "user.email"]);
+
+  const actualName = nameResult.stdout.trim();
+  const actualEmail = emailResult.stdout.trim();
+  const ok =
+    nameResult.status === 0 &&
+    emailResult.status === 0 &&
+    actualName === EXPECTED_NAME &&
+    actualEmail === EXPECTED_EMAIL;
+
+  const details = ok
+    ? `Configured as ${actualName} <${actualEmail}>`
+    : `Expected ${EXPECTED_NAME} <${EXPECTED_EMAIL}>, found ${actualName || "(missing)"} <${actualEmail || "(missing)"}>`;
+
+  return stepResult(
+    "Git identity",
+    "git config --get user.name && git config --get user.email",
+    ok,
+    details,
+    `${nameResult.stdout}${nameResult.stderr}${emailResult.stdout}${emailResult.stderr}`
+  );
+}
+
+function ownerAttributionStep() {
+  const result = run("bash", ["scripts/check-owner-attribution.sh", OWNER_RANGE]);
+  return stepResult(
+    "Owner attribution",
+    `bash scripts/check-owner-attribution.sh ${OWNER_RANGE}`,
+    result.status === 0,
+    result.status === 0 ? "All commits in range are owner-attributed." : "Owner attribution check failed.",
+    `${result.stdout}${result.stderr}`
+  );
+}
+
+function publicLanguageStep() {
+  const result = run("bash", ["scripts/check-public-language.sh"]);
+  return stepResult(
+    "Public language",
+    "bash scripts/check-public-language.sh",
+    result.status === 0,
+    result.status === 0 ? "Public wording guardrail passed." : "Disallowed wording found.",
+    `${result.stdout}${result.stderr}`
+  );
+}
+
+function markerScanStep() {
+  const pattern = "Co-authored-by|co-authored-by|Generated with|generated with";
+  const scanPaths = [
+    "README.md",
+    "docs",
+    "public",
+    ".github/RELEASE_NOTES_TEMPLATE.md",
+    ".github/ISSUE_REPLY_TEMPLATE.md"
+  ];
+  const result = run("rg", [
+    "-n",
+    pattern,
+    "--glob",
+    "!docs/release-health/**",
+    ...scanPaths
+  ]);
+
+  if (result.status === 1) {
+    return stepResult(
+      "Public attribution markers",
+      "marker-scan",
+      true,
+      "No non-owner attribution markers found in public surfaces."
+    );
+  }
+
+  return stepResult(
+    "Public attribution markers",
+    "marker-scan",
+    false,
+    result.status === 0
+      ? "Found disallowed markers on public surfaces."
+      : "Marker scan failed.",
+    `${result.stdout}${result.stderr}`
+  );
+}
+
+function runNodeStep(name, scriptPath, extraArgs = []) {
+  const result = run("node", [scriptPath, ...extraArgs]);
+  return stepResult(
+    name,
+    `node ${scriptPath}${extraArgs.length ? ` ${extraArgs.join(" ")}` : ""}`,
+    result.status === 0,
+    result.status === 0 ? "Passed." : "Failed.",
+    `${result.stdout}${result.stderr}`
+  );
+}
+
+function npmPackSnapshot() {
+  const result = run("npm", ["pack", "--dry-run", "--json"]);
+  if (result.status !== 0) {
+    return {
+      ok: false,
+      details: "Unable to generate npm pack snapshot.",
+      output: `${result.stdout}${result.stderr}`
+    };
+  }
+
+  try {
+    const parsed = JSON.parse(result.stdout);
+    const entry = Array.isArray(parsed) ? parsed[0] : parsed;
+    const fileCount = Array.isArray(entry.files) ? entry.files.length : 0;
+    const details = `package size ${entry.size} bytes, unpacked ${entry.unpackedSize} bytes, files ${fileCount}`;
+    return { ok: true, details, output: result.stdout };
+  } catch (error) {
+    return {
+      ok: false,
+      details: "npm pack output was not valid JSON.",
+      output: `${result.stdout}\n${String(error)}`
+    };
+  }
+}
+
+function buildReport(results, packSnapshot) {
+  const generated = new Date().toISOString();
+  const failed = results.filter((step) => !step.ok);
+  const lines = [];
+  lines.push("# Prepublish Dry Run");
+  lines.push("");
+  lines.push(`- Generated: ${generated}`);
+  lines.push(`- Expected owner: \`${EXPECTED_NAME} <${EXPECTED_EMAIL}>\``);
+  lines.push(`- Owner range: \`${OWNER_RANGE}\``);
+  lines.push("");
+  lines.push("## Step Matrix");
+  lines.push("");
+  lines.push("| Step | Status | Command | Details |");
+  lines.push("|---|---|---|---|");
+  for (const step of results) {
+    lines.push(`| ${step.name} | ${step.ok ? "pass" : "fail"} | \`${step.command}\` | ${step.details} |`);
+  }
+  lines.push("");
+  lines.push("## npm Pack Snapshot");
+  lines.push("");
+  lines.push(`- Status: ${packSnapshot.ok ? "pass" : "fail"}`);
+  lines.push(`- Details: ${packSnapshot.details}`);
+  lines.push("");
+
+  if (failed.length === 0 && packSnapshot.ok) {
+    lines.push("## Result");
+    lines.push("");
+    lines.push("Prepublish dry run passed.");
+  } else {
+    lines.push("## Result");
+    lines.push("");
+    lines.push("Prepublish dry run failed.");
+    lines.push("");
+    lines.push("### Failing checks");
+    for (const step of failed) {
+      lines.push(`- ${step.name}`);
+    }
+    if (!packSnapshot.ok) lines.push("- npm pack snapshot");
+  }
+
+  lines.push("");
+  lines.push("## Command Output (Truncated)");
+  lines.push("");
+  for (const step of results) {
+    lines.push(`### ${step.name}`);
+    lines.push("");
+    lines.push("```text");
+    lines.push(trimOutput(step.commandOutput) || "(no output)");
+    lines.push("```");
+    lines.push("");
+  }
+  lines.push("### npm Pack Snapshot");
+  lines.push("");
+  lines.push("```text");
+  lines.push(trimOutput(packSnapshot.output, 4000) || "(no output)");
+  lines.push("```");
+  lines.push("");
+
+  return lines.join("\n");
+}
+
+function main() {
+  const steps = [
+    gitIdentityStep(),
+    ownerAttributionStep(),
+    publicLanguageStep(),
+    markerScanStep(),
+    runNodeStep("Core verification", "scripts/verify-core.js"),
+    runNodeStep("Web verification", "scripts/verify-web.js"),
+    runNodeStep("Install-flow verification", "scripts/verify-install-flow.js"),
+    runNodeStep("Version parity", "scripts/check-version-parity.js", ["--allow-propagation"])
+  ];
+
+  const packSnapshot = npmPackSnapshot();
+  const report = buildReport(steps, packSnapshot);
+
+  mkdirSync(resolve(ROOT, "docs", "release-health"), { recursive: true });
+  writeFileSync(REPORT_PATH, `${report}\n`);
+
+  console.log(`Wrote ${REPORT_PATH}`);
+  const failed = steps.some((step) => !step.ok) || !packSnapshot.ok;
+  if (failed) {
+    process.exitCode = 1;
+  }
+}
+
+main();

package/scripts/setup-wizard.js

@@ -23,8 +23,9 @@ import {
 } from "../lib/token-store.js";
 
 const IS_MACOS = platform() === 'darwin';
-const VERSION = "1.2.4";
+const VERSION = "3.0.0";
 const MIN_NODE_MAJOR = 20;
+const AUTH_TEST_URL = process.env.SLACK_MCP_AUTH_TEST_URL || "https://slack.com/api/auth.test";
 
 // ANSI colors
 const colors = {
@@ -78,7 +79,7 @@ async function pressEnterToContinue(rl) {
 
 async function validateTokens(token, cookie) {
   try {
-    const response = await fetch("https://slack.com/api/auth.test", {
+    const response = await fetch(AUTH_TEST_URL, {
       method: "POST",
       headers: {
         "Authorization": `Bearer ${token}`,
@@ -251,6 +252,8 @@ async function showStatus() {
 
   if (!creds) {
     error("No tokens found");
+    print("Code: missing_credentials");
+    print("Message: No credentials available from environment, file, or keychain.");
     print();
     print("Run setup wizard: npx -y @jtalk22/slack-mcp --setup");
     process.exit(1);
@@ -268,6 +271,7 @@ async function showStatus() {
   const result = await validateTokens(creds.token, creds.cookie);
   if (!result.valid) {
     error("Status: INVALID");
+    print("Code: auth_failed");
     print(`Error: ${result.error}`);
     print();
     print("Run setup wizard to refresh: npx -y @jtalk22/slack-mcp --setup");
@@ -275,6 +279,8 @@ async function showStatus() {
   }
 
   success("Status: VALID");
+  print("Code: ok");
+  print("Message: Slack auth valid.");
   print(`User: ${result.user}`);
   print(`Team: ${result.team}`);
   print(`User ID: ${result.userId}`);
@@ -331,6 +337,7 @@ async function runDoctor() {
   const nodeMajor = parseNodeMajor();
   if (Number.isNaN(nodeMajor) || nodeMajor < MIN_NODE_MAJOR) {
     error(`Node.js ${process.versions.node} detected (requires Node ${MIN_NODE_MAJOR}+)`);
+    print("Code: runtime_node_unsupported");
     print();
     print("Next action:");
     print(`  npx -y @jtalk22/slack-mcp --doctor  # rerun after upgrading Node ${MIN_NODE_MAJOR}+`);
@@ -341,6 +348,7 @@ async function runDoctor() {
   const creds = getDoctorCredentials();
   if (!creds) {
     error("Credentials: not found");
+    print("Code: missing_credentials");
     print();
     print("Next action:");
     print("  npx -y @jtalk22/slack-mcp --setup");
@@ -361,6 +369,7 @@ async function runDoctor() {
   if (!validation.valid) {
     const exitCode = classifyAuthError(validation.error);
     error(`Slack auth failed: ${validation.error}`);
+    print(`Code: ${exitCode === 2 ? "auth_invalid" : "runtime_auth_check_failed"}`);
     print();
     print("Next action:");
     if (exitCode === 2) {
@@ -373,6 +382,7 @@ async function runDoctor() {
   }
 
   success(`Slack auth valid for ${validation.user} @ ${validation.team}`);
+  print("Code: ok");
   print();
   print("Ready. Next command:");
   print("  npx -y @jtalk22/slack-mcp");

package/scripts/verify-install-flow.js

@@ -1,16 +1,19 @@
 #!/usr/bin/env node
 
 import { spawnSync } from "node:child_process";
-import { mkdtempSync, rmSync } from "node:fs";
+import { mkdtempSync, readFileSync, rmSync } from "node:fs";
 import { tmpdir } from "node:os";
 import { dirname, join } from "node:path";
 import { fileURLToPath } from "node:url";
 
 const PKG = "@jtalk22/slack-mcp";
 const repoRoot = join(dirname(fileURLToPath(import.meta.url)), "..");
+const strictPublished = process.argv.includes("--strict-published");
+const PUBLISHED_SPEC = `${PKG}@latest`;
+const localVersion = JSON.parse(readFileSync(join(repoRoot, "package.json"), "utf8")).version;
 
 function runNpx(args, options = {}) {
-  const cmdArgs = ["-y", PKG, ...args];
+  const cmdArgs = ["-y", PUBLISHED_SPEC, ...args];
   const result = spawnSync("npx", cmdArgs, {
     cwd: options.cwd,
     env: options.env,
@@ -97,6 +100,18 @@ function main() {
       "Expected --version to exit 0",
       versionResult.stderr || versionResult.stdout,
     );
+    const publishedMatchesLocal = versionResult.stdout.includes(localVersion);
+    if (strictPublished) {
+      assert(
+        publishedMatchesLocal,
+        `Expected published npx version to match local ${localVersion}`,
+        versionResult.stdout,
+      );
+    } else if (!publishedMatchesLocal) {
+      console.log(
+        `warning: npx resolved ${versionResult.stdout || "unknown"} while local version is ${localVersion}; strict published checks are deferred until publish.`
+      );
+    }
 
     const helpResult = runNpx(["--help"], { cwd: testHome, env });
     printResult("help", helpResult);
@@ -113,6 +128,15 @@ function main() {
       "Expected --status to exit non-zero when credentials are missing",
       statusResult.stderr || statusResult.stdout,
     );
+    if (strictPublished) {
+      assert(
+        !statusResult.stderr.includes("Attempting Chrome auto-extraction"),
+        "Expected npx --status to be read-only without auto-extraction side effects",
+        statusResult.stderr,
+      );
+    } else if (statusResult.stderr.includes("Attempting Chrome auto-extraction")) {
+      console.log("warning: published npx --status still has extraction side effects; re-run with --strict-published after publish.");
+    }
 
     const localStatusResult = runLocalSetupStatus({ env });
     printResult("local-status", localStatusResult);
@@ -148,6 +172,18 @@ function main() {
       localDoctorInvalidResult.stderr || localDoctorInvalidResult.stdout,
     );
 
+    const runtimeEnv = {
+      ...invalidEnv,
+      SLACK_MCP_AUTH_TEST_URL: "http://127.0.0.1:9/auth.test"
+    };
+    const localDoctorRuntimeResult = runLocalDoctor({ env: runtimeEnv });
+    printResult("local-doctor-runtime", localDoctorRuntimeResult);
+    assert(
+      localDoctorRuntimeResult.status === 3,
+      "Expected local --doctor to exit 3 when runtime connectivity fails",
+      localDoctorRuntimeResult.stderr || localDoctorRuntimeResult.stdout,
+    );
+
     console.log("\nInstall flow verification passed.");
   } finally {
     rmSync(testHome, { recursive: true, force: true });

package/scripts/verify-web.js

@@ -6,7 +6,8 @@
  * 1. Server starts and prints Magic Link
  * 2. /demo.html contains "STATIC PREVIEW" banner
  * 3. /?key=... serves the dashboard (index.html)
- * 4. Server shuts down cleanly
+ * 4. /demo-video.html media assets are reachable
+ * 5. Server shuts down cleanly
  */
 
 import { spawn } from "child_process";
@@ -142,6 +143,45 @@ async function testApiWithKey(apiKey) {
   return true;
 }
 
+async function testDemoVideoAssets() {
+  const demoVideoUrl = `http://localhost:${PORT}/demo-video.html`;
+  const demoVideoRes = await fetch(demoVideoUrl);
+
+  if (!demoVideoRes.ok) {
+    throw new Error(`Failed to fetch demo-video.html: ${demoVideoRes.status}`);
+  }
+
+  const demoVideoHtml = await demoVideoRes.text();
+  const requiredAssetCandidates = [
+    [
+      "/docs/images/demo-poster.png",
+      "https://jtalk22.github.io/slack-mcp-server/docs/images/demo-poster.png",
+    ],
+    [
+      "/docs/videos/demo-claude.webm",
+      "https://jtalk22.github.io/slack-mcp-server/docs/videos/demo-claude.webm",
+    ],
+  ];
+
+  for (const candidates of requiredAssetCandidates) {
+    const matched = candidates.find((candidate) => demoVideoHtml.includes(candidate));
+    if (!matched) {
+      throw new Error(`demo-video.html missing expected media reference: ${candidates.join(" OR ")}`);
+    }
+
+    const assetUrl = matched.startsWith("http")
+      ? matched
+      : `http://localhost:${PORT}${matched}`;
+
+    const assetRes = await fetch(assetUrl);
+    if (!assetRes.ok) {
+      throw new Error(`Demo media not reachable: ${assetUrl} (status ${assetRes.status})`);
+    }
+  }
+
+  return true;
+}
+
 async function main() {
   console.log("╔════════════════════════════════════════╗");
   console.log("║  Web UI Verification Tests             ║");
@@ -192,6 +232,14 @@ async function main() {
     log("PASS: API correctly rejects bad keys");
     results.push(true);
 
+    // Test 5: Demo video/media paths
+    console.log("\n[TEST 5] Demo Video Media Reachability");
+    console.log("─".repeat(40));
+
+    await testDemoVideoAssets();
+    log("PASS: demo-video media assets are reachable");
+    results.push(true);
+
   } catch (err) {
     console.log(`  FAIL: ${err.message}`);
     results.push(false);

package/server.json

@@ -0,0 +1,47 @@
+{
+  "$schema": "https://static.modelcontextprotocol.io/schemas/2025-12-11/server.schema.json",
+  "name": "io.github.jtalk22/slack-mcp-server",
+  "title": "Slack MCP Server",
+  "description": "Session-based Slack access for Claude: DMs, channels, search, and threads via your Slack session.",
+  "websiteUrl": "https://jtalk22.github.io/slack-mcp-server/public/demo.html",
+  "icons": [
+    {
+      "src": "https://raw.githubusercontent.com/jtalk22/slack-mcp-server/main/docs/assets/icon-512.png",
+      "mimeType": "image/png",
+      "sizes": [
+        "512x512"
+      ]
+    }
+  ],
+  "repository": {
+    "url": "https://github.com/jtalk22/slack-mcp-server",
+    "source": "github"
+  },
+  "version": "3.0.0",
+  "packages": [
+    {
+      "registryType": "npm",
+      "identifier": "@jtalk22/slack-mcp",
+      "version": "3.0.0",
+      "transport": {
+        "type": "stdio"
+      },
+      "environmentVariables": [
+        {
+          "description": "Slack xoxc- token from browser session",
+          "isRequired": false,
+          "format": "string",
+          "isSecret": true,
+          "name": "SLACK_TOKEN"
+        },
+        {
+          "description": "Slack xoxd- cookie from browser session",
+          "isRequired": false,
+          "format": "string",
+          "isSecret": true,
+          "name": "SLACK_COOKIE"
+        }
+      ]
+    }
+  ]
+}

package/smithery.yaml

@@ -0,0 +1,34 @@
+# Smithery configuration for slack-mcp-server
+# https://smithery.ai/docs/build/project-config/smithery-yaml
+
+startCommand:
+  type: stdio
+  configSchema:
+    type: object
+    properties:
+      slackToken:
+        type: string
+        title: "Slack Token"
+        description: "Your xoxc- token from browser session. Optional on macOS (auto-extracted from Chrome)."
+        pattern: "^xoxc-.*$"
+      slackCookie:
+        type: string
+        title: "Slack Cookie"
+        description: "Your xoxd- cookie from browser session. Optional on macOS (auto-extracted from Chrome)."
+        pattern: "^xoxd-.*$"
+      autoRefresh:
+        type: boolean
+        title: "Auto Refresh"
+        description: "Enable automatic token refresh from Chrome (macOS only)"
+        default: true
+    additionalProperties: false
+  commandFunction: |-
+    (config) => ({
+      command: 'node',
+      args: ['src/server.js'],
+      env: {
+        ...(config.slackToken && { SLACK_TOKEN: config.slackToken }),
+        ...(config.slackCookie && { SLACK_COOKIE: config.slackCookie }),
+        ...(config.autoRefresh === false && { SLACK_NO_AUTO_REFRESH: 'true' })
+      }
+    })