npm - @matthesketh/fleet - Versions diffs - 1.0.0 → 1.1.0 - Mend

@matthesketh/fleet 1.0.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (46) hide show

package/README.md +27 -4
package/dist/cli.js +8 -0
package/dist/commands/deps.d.ts +1 -0
package/dist/commands/deps.js +223 -0
package/dist/commands/motd.d.ts +1 -0
package/dist/commands/motd.js +10 -0
package/dist/core/deps/actors/pr-creator.d.ts +14 -0
package/dist/core/deps/actors/pr-creator.js +103 -0
package/dist/core/deps/cache.d.ts +5 -0
package/dist/core/deps/cache.js +28 -0
package/dist/core/deps/collectors/composer.d.ts +12 -0
package/dist/core/deps/collectors/composer.js +70 -0
package/dist/core/deps/collectors/docker-image.d.ts +18 -0
package/dist/core/deps/collectors/docker-image.js +132 -0
package/dist/core/deps/collectors/docker-running.d.ts +17 -0
package/dist/core/deps/collectors/docker-running.js +55 -0
package/dist/core/deps/collectors/eol.d.ts +16 -0
package/dist/core/deps/collectors/eol.js +139 -0
package/dist/core/deps/collectors/github-pr.d.ts +8 -0
package/dist/core/deps/collectors/github-pr.js +40 -0
package/dist/core/deps/collectors/npm.d.ts +12 -0
package/dist/core/deps/collectors/npm.js +63 -0
package/dist/core/deps/collectors/pip.d.ts +15 -0
package/dist/core/deps/collectors/pip.js +94 -0
package/dist/core/deps/collectors/vulnerability.d.ts +9 -0
package/dist/core/deps/collectors/vulnerability.js +102 -0
package/dist/core/deps/config.d.ts +6 -0
package/dist/core/deps/config.js +55 -0
package/dist/core/deps/reporters/cli.d.ts +4 -0
package/dist/core/deps/reporters/cli.js +123 -0
package/dist/core/deps/reporters/motd.d.ts +3 -0
package/dist/core/deps/reporters/motd.js +64 -0
package/dist/core/deps/reporters/telegram.d.ts +6 -0
package/dist/core/deps/reporters/telegram.js +106 -0
package/dist/core/deps/scanner.d.ts +4 -0
package/dist/core/deps/scanner.js +89 -0
package/dist/core/deps/severity.d.ts +6 -0
package/dist/core/deps/severity.js +45 -0
package/dist/core/deps/types.d.ts +64 -0
package/dist/core/deps/types.js +1 -0
package/dist/mcp/deps-tools.d.ts +2 -0
package/dist/mcp/deps-tools.js +81 -0
package/dist/mcp/server.js +2 -0
package/dist/templates/motd.d.ts +1 -0
package/dist/templates/motd.js +7 -0
package/package.json +1 -1

package/dist/core/deps/types.d.ts ADDED Viewed

@@ -0,0 +1,64 @@
+import type { AppEntry } from '../registry.js';
+export type CollectorType = 'npm' | 'composer' | 'pip' | 'docker-image' | 'docker-running' | 'eol' | 'vulnerability' | 'github-pr';
+export type Severity = 'critical' | 'high' | 'medium' | 'low' | 'info';
+export type FindingCategory = 'outdated-dep' | 'image-update' | 'eol-warning' | 'vulnerability' | 'pending-pr';
+export interface Finding {
+    appName: string;
+    source: CollectorType;
+    severity: Severity;
+    category: FindingCategory;
+    title: string;
+    detail: string;
+    package?: string;
+    currentVersion?: string;
+    latestVersion?: string;
+    eolDate?: string;
+    cveId?: string;
+    prUrl?: string;
+    fixable: boolean;
+    updatedAt: string;
+}
+export interface ScanError {
+    collector: CollectorType;
+    appName?: string;
+    message: string;
+    timestamp: string;
+}
+export interface IgnoreRule {
+    appName?: string;
+    package?: string;
+    source?: CollectorType;
+    reason: string;
+    until?: string;
+}
+export interface DepsConfig {
+    scanIntervalHours: number;
+    concurrency: number;
+    notifications: {
+        telegram: {
+            enabled: boolean;
+            chatId: string;
+            minSeverity: Severity;
+        };
+    };
+    ignore: IgnoreRule[];
+    severityOverrides: {
+        eolDaysWarning: number;
+        majorVersionBehind: Severity;
+        minorVersionBehind: Severity;
+        patchVersionBehind: Severity;
+    };
+}
+export interface DepsCache {
+    version: 1;
+    lastScan: string;
+    scanDurationMs: number;
+    findings: Finding[];
+    errors: ScanError[];
+    config: DepsConfig;
+}
+export interface Collector {
+    type: CollectorType;
+    detect(appPath: string): boolean;
+    collect(app: AppEntry): Promise<Finding[]>;
+}

package/dist/core/deps/types.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/mcp/deps-tools.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import type { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
2	+ export declare function registerDepsTools(server: McpServer): void;

package/dist/mcp/deps-tools.js ADDED Viewed

@@ -0,0 +1,81 @@
+import { z } from 'zod';
+import { load, findApp } from '../core/registry.js';
+import { loadConfig, saveConfig } from '../core/deps/config.js';
+import { loadCache, saveCache } from '../core/deps/cache.js';
+import { runScan } from '../core/deps/scanner.js';
+import { createDepsPr } from '../core/deps/actors/pr-creator.js';
+import { AppNotFoundError } from '../core/errors.js';
+function text(msg) {
+    return { content: [{ type: 'text', text: msg }] };
+}
+export function registerDepsTools(server) {
+    server.tool('fleet_deps_status', 'Dependency health summary from cache — outdated packages, CVEs, EOL warnings, Docker image updates', async () => {
+        const cache = loadCache();
+        if (!cache)
+            return text('No scan data. Run fleet deps scan first.');
+        return text(JSON.stringify(cache, null, 2));
+    });
+    server.tool('fleet_deps_scan', 'Run a fresh dependency scan across all registered apps', async () => {
+        const reg = load();
+        const config = loadConfig();
+        const cache = await runScan(reg.apps, config);
+        saveCache(cache);
+        return text(JSON.stringify({
+            findings: cache.findings.length,
+            errors: cache.errors.length,
+            duration: cache.scanDurationMs,
+            apps: reg.apps.length,
+        }, null, 2));
+    });
+    server.tool('fleet_deps_app', 'Dependency findings for a specific app', { app: z.string().describe('App name') }, async ({ app }) => {
+        const cache = loadCache();
+        if (!cache)
+            return text('No scan data. Run fleet deps scan first.');
+        const reg = load();
+        const entry = findApp(reg, app);
+        if (!entry)
+            throw new AppNotFoundError(app);
+        const findings = cache.findings.filter(f => f.appName === entry.name);
+        return text(JSON.stringify(findings, null, 2));
+    });
+    server.tool('fleet_deps_fix', 'Create a PR with dependency updates for an app (dry-run by default)', {
+        app: z.string().describe('App name'),
+        dryRun: z.boolean().default(true).describe('Preview changes without creating PR'),
+    }, async ({ app, dryRun }) => {
+        const reg = load();
+        const entry = findApp(reg, app);
+        if (!entry)
+            throw new AppNotFoundError(app);
+        const cache = loadCache();
+        if (!cache)
+            return text('No scan data. Run fleet deps scan first.');
+        const findings = cache.findings.filter(f => f.appName === entry.name && f.fixable);
+        const result = createDepsPr(entry, findings, dryRun);
+        return text(JSON.stringify(result, null, 2));
+    });
+    server.tool('fleet_deps_ignore', 'Add an ignore rule for a dependency finding', {
+        package: z.string().describe('Package name to ignore'),
+        reason: z.string().describe('Why this is being ignored'),
+        app: z.string().optional().describe('Limit to specific app'),
+        until: z.string().optional().describe('Auto-expire date (YYYY-MM-DD)'),
+    }, async (params) => {
+        const config = loadConfig();
+        config.ignore.push({
+            package: params.package, reason: params.reason,
+            ...(params.app && { appName: params.app }),
+            ...(params.until && { until: params.until }),
+        });
+        saveConfig(config);
+        return text(`Ignoring ${params.package}: ${params.reason}`);
+    });
+    server.tool('fleet_deps_config', 'Get or set dependency monitoring configuration', { key: z.string().optional(), value: z.string().optional() }, async ({ key, value }) => {
+        const config = loadConfig();
+        if (!key)
+            return text(JSON.stringify(config, null, 2));
+        if (!value)
+            return text(JSON.stringify(config[key], null, 2));
+        config[key] = value === 'true' ? true : value === 'false' ? false : isNaN(Number(value)) ? value : Number(value);
+        saveConfig(config);
+        return text(`Set ${key} = ${value}`);
+    });
+}

package/dist/mcp/server.js CHANGED Viewed

@@ -16,6 +16,7 @@ import { unsealAll, getStatus as getSecretsStatus } from '../core/secrets-ops.js
 import { validateApp, validateAll } from '../core/secrets-validate.js';
 import { registerGitTools } from './git-tools.js';
 import { registerSecretsTools } from './secrets-tools.js';
+import { registerDepsTools } from './deps-tools.js';
 function requireApp(name) {
     const reg = load();
     const app = findApp(reg, name);
@@ -174,6 +175,7 @@ export async function startMcpServer() {
     });
     registerGitTools(server);
     registerSecretsTools(server);
+    registerDepsTools(server);
     const transport = new StdioServerTransport();
     await server.connect(transport);
 }

package/dist/templates/motd.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export declare function generateMotdScript(): string;

package/dist/templates/motd.js ADDED Viewed

@@ -0,0 +1,7 @@
+export function generateMotdScript() {
+    return `#!/bin/bash
+# Fleet service health check — installed by "fleet motd install"
+# Shows service status on SSH login
+/usr/bin/node /home/matt/fleet/dist/index.js watchdog --motd 2>/dev/null || echo "  Fleet: health check failed to run"
+`;
+}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@matthesketh/fleet",
-  "version": "1.0.0",
+  "version": "1.1.0",
   "description": "Docker production management CLI + MCP server for Claude Code",
   "type": "module",
   "main": "dist/index.js",