@kya-os/mcp-i 1.6.13 → 1.6.15

package/dist/runtime/transports/http/stateless-streamable-http.js

@@ -56,7 +56,7 @@ class StatelessHttpServerTransport extends base_streamable_http_1.BaseHttpServer
         if (requestId === undefined || requestId === null) {
             // In stateless mode, we can't handle notifications without request IDs
             if (this.debug) {
-                console.log("[StatelessHTTP] Dropping notification without request ID");
+                console.error("[StatelessHTTP] Dropping notification without request ID");
             }
             return;
         }
@@ -228,7 +228,7 @@ class StatelessStreamableHTTPTransport {
     }
     log(message, ...args) {
         if (this.debug) {
-            console.log(`[StatelessHTTP] ${message}`, ...args);
+            console.error(`[StatelessHTTP] ${message}`, ...args);
         }
     }
     setupMiddleware(bodySizeLimit) {
@@ -306,14 +306,14 @@ class StatelessStreamableHTTPTransport {
     start() {
         const host = this.options.host || "127.0.0.1";
         this.server.listen(this.port, host, () => {
-            console.log(`${cli_icons_1.greenCheck} MCP Server running on http://${host}:${this.port}${this.endpoint}`);
+            console.error(`${cli_icons_1.greenCheck} MCP Server running on http://${host}:${this.port}${this.endpoint}`);
             if (this.oauthProxy && this.debug) {
-                console.log(`🔐 OAuth endpoints available:`);
-                console.log(`   Discovery: http://${host}:${this.port}/.well-known/oauth-authorization-server`);
-                console.log(`   Authorize: http://${host}:${this.port}/oauth2/authorize`);
-                console.log(`   Token: http://${host}:${this.port}/oauth2/token`);
-                console.log(`   Revoke: http://${host}:${this.port}/oauth2/revoke`);
-                console.log(`   Introspect: http://${host}:${this.port}/oauth2/introspect`);
+                console.error(`🔐 OAuth endpoints available:`);
+                console.error(`   Discovery: http://${host}:${this.port}/.well-known/oauth-authorization-server`);
+                console.error(`   Authorize: http://${host}:${this.port}/oauth2/authorize`);
+                console.error(`   Token: http://${host}:${this.port}/oauth2/token`);
+                console.error(`   Revoke: http://${host}:${this.port}/oauth2/revoke`);
+                console.error(`   Introspect: http://${host}:${this.port}/oauth2/introspect`);
             }
             this.setupShutdownHandlers();
         });

package/dist/storage/encryption.js

@@ -92,7 +92,7 @@ class AudienceKeyEncryption {
      */
     static async importPrivateKey(privateKey) {
         const keyBytes = Buffer.from(privateKey, "base64");
-        return await crypto_1.webcrypto.subtle.importKey("raw", keyBytes, {
+        return await crypto_1.webcrypto.subtle.importKey("pkcs8", keyBytes, {
             name: "X25519",
         }, false, ["deriveKey"]);
     }
@@ -107,7 +107,8 @@ class AudienceKeyEncryption {
      * Export private key to base64 string
      */
     static async exportPrivateKey(privateKey) {
-        const keyBytes = await crypto_1.webcrypto.subtle.exportKey("raw", privateKey);
+        // X25519 private keys must be exported in PKCS8 format, not raw
+        const keyBytes = await crypto_1.webcrypto.subtle.exportKey("pkcs8", privateKey);
         return Buffer.from(keyBytes).toString("base64");
     }
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@kya-os/mcp-i",
-  "version": "1.6.13",
+  "version": "1.6.15",
   "description": "The TypeScript MCP framework with identity features built-in",
   "type": "commonjs",
   "main": "dist/index.js",
@@ -63,8 +63,8 @@
     "model-context-protocol"
   ],
   "dependencies": {
-    "@kya-os/contracts": "^1.6.16",
-    "@kya-os/mcp-i-core": "^1.3.23",
+    "@kya-os/contracts": "^1.6.18",
+    "@kya-os/mcp-i-core": "^1.3.25",
     "@modelcontextprotocol/sdk": "^1.11.4",
     "@swc/core": "^1.11.24",
     "@types/express": "^5.0.1",