npm - @leo000001/claude-code-mcp - Versions diffs - 2.0.1 → 2.2.0 - Mend

@leo000001/claude-code-mcp 2.0.1 → 2.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,83 +1,146 @@
-# Changelog
-## Unreleased
-### Breaking Changes
-- `claude_code` and `claude_code_reply` now start asynchronously and return `{ sessionId, status: "running", pollInterval }`. Use `claude_code_check` to poll events and fetch the final `result`.
-- Removed tool: `claude_code_configure`
-- New tool: `claude_code_check` (poll + respond_permission)
-- **Parameter nesting refactor**: low-frequency parameters have been folded into nested objects to reduce top-level clutter. This is a breaking change for callers that pass these parameters at the top level:
-  - `claude_code`: 22 low-frequency params moved into `advanced` object (e.g. `effort` → `advanced.effort`, `tools` → `advanced.tools`, `agents` → `advanced.agents`, `env` → `advanced.env`)
-  - `claude_code_reply`: 28 disk-resume params moved into `diskResumeConfig` object (e.g. `resumeToken` → `diskResumeConfig.resumeToken`, `cwd` → `diskResumeConfig.cwd`)
-  - `claude_code_check`: 9 poll control params moved into `pollOptions` object (e.g. `includeTools` → `pollOptions.includeTools`); 2 permission response params moved into `permissionOptions` object (e.g. `updatedInput` → `permissionOptions.updatedInput`)
-  - Schema descriptions for nested object fields have been compacted (self-explanatory fields no longer carry `.describe()` text; object-level descriptions enhanced as summaries) to reduce token overhead for calling models
-### Features
-- New module: `src/tools/query-consumer.ts` — shared background query consumer (`consumeQuery`) for start, resume, and disk-resume code paths
-- New module: `src/tools/tool-discovery.ts` — runtime tool discovery with `TOOL_CATALOG`, `ToolDiscoveryCache`, and dynamic `claude_code` description generation
-- New module: `src/utils/build-options.ts` — centralized SDK `Partial<Options>` construction from flat input objects
-- New module: `src/utils/race-with-abort.ts` — race a promise against an AbortSignal with cleanup
-- New module: `src/utils/resume-token.ts` — HMAC-SHA256 resume token generation/validation for secure disk resume
-### Improvements
-- `claude_code_check`: default `responseMode="minimal"` to reduce payload size; supports `maxEvents` pagination with `truncated`/`truncatedFields`
-- `claude_code_check`: minimal mode now slims assistant message events (strips `usage`, `model`, `id`, `cache_control` from content blocks)
-- `claude_code_check`: minimal mode filters out noisy progress events (`tool_progress`, `auth_status`); use `includeProgressEvents: true` to restore
-- `claude_code_check`: minimal mode omits `lastEventId`/`lastToolUseId` from top-level response and `durationApiMs`/`sessionTotalTurns`/`sessionTotalCostUsd` from AgentResult
-- `claude_code_check`: includes lightweight session diagnostics (`cancelledAt`/`cancelledReason`/`cancelledSource`, `lastEventId`, `lastToolUseId`)
-- Disk resume security: disk resume fallback requires `CLAUDE_CODE_MCP_RESUME_SECRET` + `resumeToken`
-## 1.6.0 (2026-02-12)
-### Bug Fixes
-- Windows: fixed Git Bash auto-detection path derivation and improved candidate search
-### Security
-- `claude_code_session includeSensitive=true` no longer leaks extra fields (e.g. `env`, `debugFile`, `mcpServers`, `sandbox`) beyond the documented sensitive set
-### Documentation
-- README: clarify `Task` is required for subagent invocation and how `allowedTools` interacts with `mcpServers`
-- README: clarify `includePartialMessages` is not streamed over MCP responses
-## 1.4.0 (2026-02-11)
-### Features
-- New tool: `claude_code_configure` for runtime bypass mode management (enable/disable without restart)
-- New parameters for `claude_code`: `additionalDirectories`, `outputFormat`, `thinking`, `tools`, `timeout`
-- New parameters for `claude_code` and `claude_code_reply`: `pathToClaudeCodeExecutable`, `agent`, `mcpServers`, `sandbox`, `fallbackModel`, `enableFileCheckpointing`, `includePartialMessages`, `strictMcpConfig`, `settingSources`, `debug`, `debugFile`, `env`
-- Effort level now supports `"max"` in addition to low/medium/high
-- `AgentResult` now includes `structuredOutput`, `stopReason`, `errorSubtype`, `usage`, `modelUsage`, `permissionDenials`
-### Improvements
-- README: Added Prerequisites section clarifying Claude Code CLI dependency
-- README/DESIGN.md: Updated parameter tables to include all supported parameters
-- DESIGN.md: Updated to reflect 4-tool architecture and current security model
-- SECURITY.md: Fixed inaccurate references to system CLI and env vars
-- Moved `clearTimeout` into `finally` blocks for safer resource cleanup
-- Added `break` after result processing in `claude_code_reply` for consistency
-### Bug Fixes
-- Fixed `claude_code_reply` not passing `cwd`/`permissionMode`/`allowDangerouslySkipPermissions` to SDK
-- Fixed falsy filtering dropping valid values like empty arrays and zero
-- Removed unsafe `as any` type assertions where possible
-- Fixed fork overwriting original session status (now restores pre-fork status)
-- Fixed `cancel()` allowing cancellation of non-running sessions
-- Fixed `destroy()` clearing session map while in-flight operations still reference sessions
-- Improved abort detection using SDK's `AbortError` class
-- Added session overwrite guard in `create()`
-- Added `lastActiveAt` update when aborting stuck sessions in cleanup
-## 1.0.0 (2026-02-11)
-### Features
-- Initial release
-- 3 MCP tools: `claude_code`, `claude_code_reply`, `claude_code_session`
-- Session management with resume and fork support
-- Fine-grained permission control (default, acceptEdits, bypassPermissions, plan, delegate, dontAsk)
-- Custom subagent definitions
-- Effort level control (low, medium, high)
-- Beta features support (e.g., 1M context window)
-- Cost and turn tracking per session
-- Session cancellation via AbortController
-- Auto-cleanup for idle (30min) and stuck running (4h) sessions
-- Security: bypassPermissions disabled by default
+# Changelog
+## Unreleased
+### Improvements
+- Add `CLAUDE_CODE_MCP_MAX_SESSIONS` (default: `128`) to cap in-memory session count and reduce risk of memory exhaustion.
+- Add `CLAUDE_CODE_MCP_MAX_PENDING_PERMISSIONS` (default: `64`) to cap outstanding permission requests per session.
+- Promote `effort` and `thinking` to top-level parameters on `claude_code` and `claude_code_reply` (deprecated aliases: `advanced.effort`, `advanced.thinking`).
+- Tool responses now include `structuredContent` (in addition to JSON text) for easier MCP client consumption.
+- Emit `tools/list_changed` and `resources/list_changed` once after connect; update `claude_code` tool description dynamically when runtime tool discovery changes.
+- Align declared MCP capabilities with implemented primitives (`logging`, `tools`, `resources`) and remove prompt primitive exposure.
+- Add unit tests for `build-options.ts` and `race-with-abort.ts`.
+### Bug Fixes
+- Fork resume: restore original session state before creating the forked session record to avoid a brief `AbortController` sharing window.
+- Session totals: prevent `totalTurns`/`totalCostUsd` from being overwritten when SDK-provided session totals look incremental.
+- Permission audit: include allow-side `updatedInput`/`updatedPermissions` in `permission_result` events.
+### Refactors
+- Extract shared Zod schema fields for `advanced` and `diskResumeConfig` in `src/server.ts`.
+- Deduplicate `SessionManager.create()` call payloads via a shared helper.
+- Remove `server.close` monkey-patch; perform `sessionManager.destroy()` in the shutdown flow.
+### Documentation
+- Changelog: move released 2.x items out of `Unreleased` and add missing 2.0.0–2.0.3 entries.
+- SECURITY: update supported versions table for 2.x.
+- Docs: clarify same-platform assumption (MCP server and client run on the same machine) across README, AGENTS, SECURITY, and mcp_demo.
+## 2.0.3 (2026-02-15)
+### Improvements
+- Version bump only.
+## 2.0.2 (2026-02-15)
+### Features
+- MCP resources: `server-info`, `internal-tools`, and `gotchas`
+- Permission workflow: include timeout/expiration metadata in permission actions; support `updatedInput` normalization
+### Bug Fixes
+- Windows: normalize MSYS-style paths for `NotebookEdit` where possible
+## 2.0.1 (2026-02-15)
+### Improvements
+- Refined server schema descriptions/default annotations to reduce token overhead for calling models
+## 2.0.0 (2026-02-15)
+### Breaking Changes
+- `claude_code` and `claude_code_reply` now start asynchronously and return `{ sessionId, status: "running", pollInterval }`. Use `claude_code_check` to poll events and fetch the final `result`.
+- Removed tool: `claude_code_configure`
+- New tool: `claude_code_check` (poll + respond_permission)
+- **Parameter nesting refactor**: low-frequency parameters have been folded into nested objects to reduce top-level clutter. This is a breaking change for callers that pass these parameters at the top level:
+  - `claude_code`: 22 low-frequency params moved into `advanced` object (e.g. `effort` → `advanced.effort`, `tools` → `advanced.tools`, `agents` → `advanced.agents`, `env` → `advanced.env`)
+  - `claude_code_reply`: 28 disk-resume params moved into `diskResumeConfig` object (e.g. `resumeToken` → `diskResumeConfig.resumeToken`, `cwd` → `diskResumeConfig.cwd`)
+  - `claude_code_check`: 9 poll control params moved into `pollOptions` object (e.g. `includeTools` → `pollOptions.includeTools`); 2 permission response params moved into `permissionOptions` object (e.g. `updatedInput` → `permissionOptions.updatedInput`)
+### Features
+- New module: `src/tools/query-consumer.ts` — shared background query consumer (`consumeQuery`) for start, resume, and disk-resume code paths
+- New module: `src/tools/tool-discovery.ts` — runtime tool discovery with `TOOL_CATALOG`, `ToolDiscoveryCache`, and dynamic `claude_code` description generation
+- New module: `src/utils/build-options.ts` — centralized SDK `Partial<Options>` construction from flat input objects
+- New module: `src/utils/race-with-abort.ts` — race a promise against an AbortSignal with cleanup
+- New module: `src/utils/resume-token.ts` — HMAC-SHA256 resume token generation/validation for secure disk resume
+### Improvements
+- `claude_code_check`: default `responseMode="minimal"` to reduce payload size; supports `maxEvents` pagination with `truncated`/`truncatedFields`
+- `claude_code_check`: minimal mode now slims assistant message events (strips `usage`, `model`, `id`, `cache_control` from content blocks)
+- `claude_code_check`: minimal mode filters out noisy progress events (`tool_progress`, `auth_status`); use `includeProgressEvents: true` to restore
+- `claude_code_check`: minimal mode omits `lastEventId`/`lastToolUseId` from top-level response and `durationApiMs`/`sessionTotalTurns`/`sessionTotalCostUsd` from AgentResult
+- `claude_code_check`: includes lightweight session diagnostics (`cancelledAt`/`cancelledReason`/`cancelledSource`, `lastEventId`, `lastToolUseId`)
+- Permission result events now include `toolName`, and denial details (`message`, `interrupt`) when applicable
+- Disk resume security: disk resume fallback requires `CLAUDE_CODE_MCP_RESUME_SECRET` + `resumeToken`
+## 1.6.0 (2026-02-12)
+### Bug Fixes
+- Windows: fixed Git Bash auto-detection path derivation and improved candidate search
+### Security
+- `claude_code_session includeSensitive=true` no longer leaks extra fields (e.g. `env`, `debugFile`, `mcpServers`, `sandbox`) beyond the documented sensitive set
+### Documentation
+- README: clarify `Task` is required for subagent invocation and how `allowedTools` interacts with `mcpServers`
+- README: clarify `includePartialMessages` is not streamed over MCP responses
+## 1.4.0 (2026-02-11)
+### Features
+- New tool: `claude_code_configure` for runtime bypass mode management (enable/disable without restart)
+- New parameters for `claude_code`: `additionalDirectories`, `outputFormat`, `thinking`, `tools`, `timeout`
+- New parameters for `claude_code` and `claude_code_reply`: `pathToClaudeCodeExecutable`, `agent`, `mcpServers`, `sandbox`, `fallbackModel`, `enableFileCheckpointing`, `includePartialMessages`, `strictMcpConfig`, `settingSources`, `debug`, `debugFile`, `env`
+- Effort level now supports `"max"` in addition to low/medium/high
+- `AgentResult` now includes `structuredOutput`, `stopReason`, `errorSubtype`, `usage`, `modelUsage`, `permissionDenials`
+### Improvements
+- README: Added Prerequisites section clarifying Claude Code CLI dependency
+- README/DESIGN.md: Updated parameter tables to include all supported parameters
+- DESIGN.md: Updated to reflect 4-tool architecture and current security model
+- SECURITY.md: Fixed inaccurate references to system CLI and env vars
+- Moved `clearTimeout` into `finally` blocks for safer resource cleanup
+- Added `break` after result processing in `claude_code_reply` for consistency
+### Bug Fixes
+- Fixed `claude_code_reply` not passing `cwd`/`permissionMode`/`allowDangerouslySkipPermissions` to SDK
+- Fixed falsy filtering dropping valid values like empty arrays and zero
+- Removed unsafe `as any` type assertions where possible
+- Fixed fork overwriting original session status (now restores pre-fork status)
+- Fixed `cancel()` allowing cancellation of non-running sessions
+- Fixed `destroy()` clearing session map while in-flight operations still reference sessions
+- Improved abort detection using SDK's `AbortError` class
+- Added session overwrite guard in `create()`
+- Added `lastActiveAt` update when aborting stuck sessions in cleanup
+## 1.0.0 (2026-02-11)
+### Features
+- Initial release
+- 3 MCP tools: `claude_code`, `claude_code_reply`, `claude_code_session`
+- Session management with resume and fork support
+- Fine-grained permission control (default, acceptEdits, bypassPermissions, plan, delegate, dontAsk)
+- Custom subagent definitions
+- Effort level control (low, medium, high)
+- Beta features support (e.g., 1M context window)
+- Cost and turn tracking per session
+- Session cancellation via AbortController
+- Auto-cleanup for idle (30min) and stuck running (4h) sessions
+- Security: bypassPermissions disabled by default

package/CONTRIBUTING.md CHANGED Viewed

@@ -35,7 +35,7 @@ npm install
 - Keep PRs focused on a single change
 - Include tests for new functionality
-- Update documentation (README, DESIGN.md) if the public API changes
+- Update documentation (README, docs/DESIGN.md) if the public API changes
 - Ensure CI passes before requesting review
 ## Reporting Issues
@@ -43,3 +43,12 @@ npm install
 - Use GitHub Issues for bug reports and feature requests
 - Include reproduction steps for bugs
 - For security vulnerabilities, see [SECURITY.md](SECURITY.md)
+## Release Checklist
+1. Update `CHANGELOG.md` with the upcoming version and confirm `package.json` reflects that version.
+2. Run `npm run format:check`, `npm run lint`, `npm run typecheck` (now covers `src` + `tests`), and `npm test` to prove the working tree is clean.
+3. Build the bundle (`npm run build`) and verify `dist/` contains the expected entry points.
+4. Refresh any documentation (README/CONTRIBUTING/docs) that describe public behavior or APIs touched by the release.
+5. Ensure `NOTICE.md` lists the third-party components bundled in the release and contains links or pointers to their licenses.
+6. Double-check `files`, `bin`, and other package metadata so the published package only ships the intended assets.

package/NOTICE.md ADDED Viewed

@@ -0,0 +1,27 @@
+# NOTICE
+This project (`@leo000001/claude-code-mcp`) is licensed under the MIT License (see `LICENSE`).
+## Third-party components
+This project depends on third-party packages. Their licenses and terms may impose additional
+requirements on redistribution and use.
+### Direct dependencies (from `package.json`)
+- `@anthropic-ai/claude-agent-sdk@0.2.38` — license is declared as “SEE LICENSE IN README.md” in the package metadata. This package bundles a Claude Code CLI; please review Anthropic's documentation and legal terms referenced by that project before redistributing or deploying.
+- `@modelcontextprotocol/sdk@1.26.0` — MIT License
+- `zod@4.3.6` — MIT License
+For a complete dependency graph, see `package-lock.json`. When installed, each dependency’s
+license information is included with the package itself (typically under its `LICENSE` file or
+`package.json` fields).
+### Optional native dependencies
+Some optional dependencies pulled in by the Claude Agent SDK (or its transitive dependencies)
+may include prebuilt native binaries with licenses such as LGPL. These packages are platform-
+specific (e.g., `@img/sharp-*` and related `libvips` packages).
+If you redistribute this project (or produce bundled artifacts), you are responsible for ensuring
+you comply with any applicable third-party license obligations and include required notices.