@mcpspec/server 1.0.3 → 1.1.0

package/README.md

@@ -28,7 +28,7 @@ const server = await startServer({
 
 - `startServer(options?)` — Start the HTTP server with WebSocket support
 - `createApp(options)` — Create the Hono app without starting a server (for testing/embedding)
-- `Database` — sql.js (WASM SQLite) database for storing servers, collections, runs, and audit results
+- `Database` — sql.js (WASM SQLite) database for storing servers, collections, runs, recordings, and audit results
 - `WebSocketHandler` — Real-time event broadcasting over WebSocket
 - `UI_DIST_PATH` — Path to the bundled web UI static files
 
@@ -58,6 +58,12 @@ const server = await startServer({
 | POST | `/api/inspect/connect` | Start inspect session |
 | POST | `/api/inspect/call` | Call a tool in session |
 | POST | `/api/inspect/disconnect` | End inspect session |
+| POST | `/api/inspect/save-recording` | Save session as recording |
+| GET | `/api/recordings` | List recordings |
+| GET | `/api/recordings/:id` | Get recording |
+| POST | `/api/recordings` | Save a recording |
+| DELETE | `/api/recordings/:id` | Delete recording |
+| POST | `/api/recordings/:id/replay` | Replay recording against server |
 | POST | `/api/audit` | Start security audit |
 | POST | `/api/benchmark` | Start benchmark |
 | POST | `/api/docs/generate` | Generate documentation |

package/dist/index.d.ts

@@ -1,5 +1,5 @@
 import { Hono } from 'hono';
-import { SavedServerConnection, SavedCollection, TestRunRecord, TestSummary, TestResult } from '@mcpspec/shared';
+import { SavedServerConnection, SavedCollection, TestRunRecord, TestSummary, TestResult, SavedRecording } from '@mcpspec/shared';
 import { IncomingMessage } from 'node:http';
 import { Duplex } from 'node:stream';
 
@@ -35,8 +35,13 @@ declare class Database {
         duration?: number;
     }): TestRunRecord | null;
     deleteRun(id: string): boolean;
+    listRecordings(): SavedRecording[];
+    getRecording(id: string): SavedRecording | null;
+    createRecording(data: Omit<SavedRecording, 'id' | 'createdAt' | 'updatedAt'>): SavedRecording;
+    deleteRecording(id: string): boolean;
     private rowToServer;
     private rowToCollection;
+    private rowToRecording;
     private rowToRun;
 }
 

package/dist/index.js

@@ -257,7 +257,7 @@ function coerceCollection(raw) {
 }
 
 // src/routes/inspect.ts
-import { inspectConnectSchema, inspectCallSchema } from "@mcpspec/shared";
+import { inspectConnectSchema, inspectCallSchema, saveInspectRecordingSchema } from "@mcpspec/shared";
 import { MCPClient as MCPClient2, ProcessManagerImpl as ProcessManagerImpl2 } from "@mcpspec/core";
 import { randomUUID } from "crypto";
 var MAX_LOG_ENTRIES = 1e4;
@@ -275,7 +275,7 @@ setInterval(() => {
     }
   }
 }, 6e4);
-function inspectRoutes(app, wsHandler) {
+function inspectRoutes(app, db, wsHandler) {
   app.post("/api/inspect/connect", async (c) => {
     const body = await c.req.json();
     const parsed = inspectConnectSchema.safeParse(body);
@@ -434,6 +434,78 @@ function inspectRoutes(app, wsHandler) {
     sessions.delete(sessionId);
     return c.json({ data: { disconnected: true } });
   });
+  app.post("/api/inspect/save-recording", async (c) => {
+    if (!db) {
+      return c.json({ error: "unavailable", message: "Database not configured" }, 500);
+    }
+    const body = await c.req.json();
+    const parsed = saveInspectRecordingSchema.safeParse(body);
+    if (!parsed.success) {
+      return c.json({ error: "validation_error", message: parsed.error.message }, 400);
+    }
+    const session = sessions.get(parsed.data.sessionId);
+    if (!session) {
+      return c.json({ error: "not_found", message: "Session not found or expired" }, 404);
+    }
+    const steps = [];
+    const pendingCalls = /* @__PURE__ */ new Map();
+    for (const entry of session.protocolLog) {
+      if (entry.direction === "outgoing" && entry.method === "tools/call") {
+        const msg = entry.message;
+        const params = msg.params;
+        if (params && entry.jsonrpcId != null) {
+          pendingCalls.set(entry.jsonrpcId, {
+            tool: params.name,
+            input: params.arguments ?? {},
+            sentAt: entry.timestamp
+          });
+        }
+      } else if (entry.direction === "incoming" && entry.jsonrpcId != null) {
+        const pending = pendingCalls.get(entry.jsonrpcId);
+        if (pending) {
+          const msg = entry.message;
+          const result = msg.result;
+          const isError = msg.error !== void 0 || result && result.isError === true;
+          const content = result?.content ?? [];
+          const durationMs = entry.roundTripMs ?? entry.timestamp - pending.sentAt;
+          steps.push({
+            tool: pending.tool,
+            input: pending.input,
+            output: content,
+            isError: isError || void 0,
+            durationMs
+          });
+          pendingCalls.delete(entry.jsonrpcId);
+        }
+      }
+    }
+    if (steps.length === 0) {
+      return c.json({ error: "no_calls", message: "No tool calls found in session to record" }, 400);
+    }
+    let toolList = [];
+    try {
+      const tools = await session.client.listTools();
+      toolList = tools.map((t) => ({ name: t.name, description: t.description }));
+    } catch {
+    }
+    const serverInfo = session.client.getServerInfo();
+    const recording = {
+      id: randomUUID(),
+      name: parsed.data.name,
+      description: parsed.data.description,
+      serverName: serverInfo?.name,
+      tools: toolList,
+      steps,
+      createdAt: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    const saved = db.createRecording({
+      name: recording.name,
+      description: recording.description,
+      serverName: recording.serverName,
+      data: JSON.stringify(recording)
+    });
+    return c.json({ data: saved }, 201);
+  });
 }
 
 // src/routes/audit.ts
@@ -860,16 +932,93 @@ function scoreRoutes(app, wsHandler) {
   });
 }
 
+// src/routes/recordings.ts
+import { saveRecordingSchema, replayRecordingSchema } from "@mcpspec/shared";
+import { MCPClient as MCPClient7, ProcessManagerImpl as ProcessManagerImpl7, RecordingReplayer, RecordingDiffer } from "@mcpspec/core";
+function recordingsRoutes(app, db) {
+  app.get("/api/recordings", (c) => {
+    const recordings = db.listRecordings();
+    return c.json({ data: recordings, total: recordings.length });
+  });
+  app.get("/api/recordings/:id", (c) => {
+    const recording = db.getRecording(c.req.param("id"));
+    if (!recording) {
+      return c.json({ error: "not_found", message: "Recording not found" }, 404);
+    }
+    return c.json({ data: recording });
+  });
+  app.post("/api/recordings", async (c) => {
+    const body = await c.req.json();
+    const parsed = saveRecordingSchema.safeParse(body);
+    if (!parsed.success) {
+      return c.json({ error: "validation_error", message: parsed.error.message }, 400);
+    }
+    const recording = db.createRecording({
+      name: parsed.data.name,
+      description: parsed.data.description,
+      serverName: parsed.data.serverName,
+      data: parsed.data.data
+    });
+    return c.json({ data: recording }, 201);
+  });
+  app.delete("/api/recordings/:id", (c) => {
+    const deleted = db.deleteRecording(c.req.param("id"));
+    if (!deleted) {
+      return c.json({ error: "not_found", message: "Recording not found" }, 404);
+    }
+    return c.json({ data: { deleted: true } });
+  });
+  app.post("/api/recordings/:id/replay", async (c) => {
+    const saved = db.getRecording(c.req.param("id"));
+    if (!saved) {
+      return c.json({ error: "not_found", message: "Recording not found" }, 404);
+    }
+    const body = await c.req.json();
+    const parsed = replayRecordingSchema.safeParse(body);
+    if (!parsed.success) {
+      return c.json({ error: "validation_error", message: parsed.error.message }, 400);
+    }
+    const recording = JSON.parse(saved.data);
+    const processManager = new ProcessManagerImpl7();
+    const config = {
+      transport: parsed.data.transport,
+      command: parsed.data.command,
+      args: parsed.data.args,
+      url: parsed.data.url,
+      env: parsed.data.env
+    };
+    const client = new MCPClient7({ serverConfig: config, processManager });
+    try {
+      await client.connect();
+      const replayer = new RecordingReplayer();
+      const result = await replayer.replay(recording, client);
+      const differ = new RecordingDiffer();
+      const diff = differ.diff(recording, result.replayedSteps, result.replayedAt);
+      await client.disconnect();
+      await processManager.shutdownAll();
+      return c.json({ data: diff });
+    } catch (err) {
+      await client.disconnect().catch(() => {
+      });
+      await processManager.shutdownAll().catch(() => {
+      });
+      const message = err instanceof Error ? err.message : "Replay failed";
+      return c.json({ error: "replay_error", message }, 500);
+    }
+  });
+}
+
 // src/routes/index.ts
 function registerRoutes(app, db, wsHandler) {
   serversRoutes(app, db);
   collectionsRoutes(app, db);
   runsRoutes(app, db);
-  inspectRoutes(app, wsHandler);
+  inspectRoutes(app, db, wsHandler);
   auditRoutes(app, wsHandler);
   benchmarkRoutes(app, wsHandler);
   docsRoutes(app);
   scoreRoutes(app, wsHandler);
+  recordingsRoutes(app, db);
 }
 
 // src/app.ts
@@ -1043,6 +1192,21 @@ var MIGRATIONS = [
       )`,
       `INSERT INTO schema_version (version) VALUES (1)`
     ]
+  },
+  {
+    version: 2,
+    up: [
+      `CREATE TABLE IF NOT EXISTS recordings (
+        id TEXT PRIMARY KEY,
+        name TEXT NOT NULL,
+        description TEXT,
+        server_name TEXT,
+        data TEXT NOT NULL,
+        created_at TEXT NOT NULL DEFAULT (datetime('now')),
+        updated_at TEXT NOT NULL DEFAULT (datetime('now'))
+      )`,
+      `UPDATE schema_version SET version = 2`
+    ]
   }
 ];
 function getSchemaVersion(db) {
@@ -1265,6 +1429,44 @@ var Database = class {
     this.save();
     return true;
   }
+  // --- Recordings ---
+  listRecordings() {
+    const stmt = this.db.prepare("SELECT * FROM recordings ORDER BY updated_at DESC");
+    const rows = [];
+    while (stmt.step()) {
+      rows.push(this.rowToRecording(stmt.getAsObject()));
+    }
+    stmt.free();
+    return rows;
+  }
+  getRecording(id) {
+    const stmt = this.db.prepare("SELECT * FROM recordings WHERE id = ?");
+    stmt.bind([id]);
+    if (!stmt.step()) {
+      stmt.free();
+      return null;
+    }
+    const row = this.rowToRecording(stmt.getAsObject());
+    stmt.free();
+    return row;
+  }
+  createRecording(data) {
+    const id = randomUUID5();
+    const now = (/* @__PURE__ */ new Date()).toISOString();
+    this.db.run(
+      `INSERT INTO recordings (id, name, description, server_name, data, created_at, updated_at) VALUES (?, ?, ?, ?, ?, ?, ?)`,
+      [id, data.name, data.description ?? null, data.serverName ?? null, data.data, now, now]
+    );
+    this.save();
+    return this.getRecording(id);
+  }
+  deleteRecording(id) {
+    const existing = this.getRecording(id);
+    if (!existing) return false;
+    this.db.run("DELETE FROM recordings WHERE id = ?", [id]);
+    this.save();
+    return true;
+  }
   // --- Row mappers ---
   rowToServer(row) {
     return {
@@ -1289,6 +1491,17 @@ var Database = class {
       updatedAt: row["updated_at"]
     };
   }
+  rowToRecording(row) {
+    return {
+      id: row["id"],
+      name: row["name"],
+      description: row["description"] || void 0,
+      serverName: row["server_name"] || void 0,
+      data: row["data"],
+      createdAt: row["created_at"],
+      updatedAt: row["updated_at"]
+    };
+  }
   rowToRun(row) {
     return {
       id: row["id"],

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mcpspec/server",
-  "version": "1.0.3",
+  "version": "1.1.0",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -28,8 +28,8 @@
     "@hono/node-server": "^1.13.0",
     "sql.js": "^1.11.0",
     "ws": "^8.18.0",
-    "@mcpspec/core": "1.0.3",
-    "@mcpspec/shared": "1.0.3"
+    "@mcpspec/core": "1.1.0",
+    "@mcpspec/shared": "1.1.0"
   },
   "devDependencies": {
     "@types/node": "^22.0.0",