@mhingston5/conduit 1.0.0

package/tests/schema.cache.test.ts

@@ -0,0 +1,27 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import { SchemaCache } from '../src/gateway/schema.cache.js';
+import pino from 'pino';
+
+const logger = pino({ level: 'silent' });
+
+describe('SchemaCache', () => {
+    it('should cache and retrieve schemas', () => {
+        const cache = new SchemaCache(logger);
+        const tools = [{ name: 'test', inputSchema: {} }];
+
+        cache.set('upstream1', tools);
+        expect(cache.get('upstream1')).toEqual(tools);
+    });
+
+    it('should return undefined for missing entries', () => {
+        const cache = new SchemaCache(logger);
+        expect(cache.get('missing')).toBeUndefined();
+    });
+
+    it('should invalidate entries', () => {
+        const cache = new SchemaCache(logger);
+        cache.set('upstream1', []);
+        cache.invalidate('upstream1');
+        expect(cache.get('upstream1')).toBeUndefined();
+    });
+});

package/tests/sdk/sdk-generator.test.ts

@@ -0,0 +1,205 @@
+import { describe, it, expect } from 'vitest';
+import { SDKGenerator } from '../../src/sdk/sdk-generator.js';
+import { ToolBinding, toToolBinding, groupByNamespace } from '../../src/sdk/tool-binding.js';
+
+describe('SDKGenerator', () => {
+    const generator = new SDKGenerator();
+
+    describe('generateTypeScript', () => {
+        it('should generate SDK with nested namespace structure', () => {
+            const bindings: ToolBinding[] = [
+                { name: 'github__createIssue', namespace: 'github', methodName: 'createIssue' },
+                { name: 'github__listRepos', namespace: 'github', methodName: 'listRepos' },
+                { name: 'slack__sendMessage', namespace: 'slack', methodName: 'sendMessage' },
+            ];
+
+            const code = generator.generateTypeScript(bindings);
+
+            expect(code).toContain('const tools = {');
+            expect(code).toContain('github: {');
+            expect(code).toContain('async createIssue(args)');
+            expect(code).toContain('await __internalCallTool("github__createIssue", args)');
+            expect(code).toContain('slack: {');
+            expect(code).toContain('async sendMessage(args)');
+            expect(code).toContain('(globalThis as any).tools = tools');
+        });
+
+        it('should include $raw escape hatch by default', () => {
+            const bindings: ToolBinding[] = [
+                { name: 'test__method', namespace: 'test', methodName: 'method' },
+            ];
+
+            const code = generator.generateTypeScript(bindings);
+
+            expect(code).toContain('async $raw(name, args)');
+            expect(code).toContain('await __internalCallTool(normalized, args)');
+        });
+
+        it('should omit $raw when disabled', () => {
+            const bindings: ToolBinding[] = [
+                { name: 'test__method', namespace: 'test', methodName: 'method' },
+            ];
+
+            const code = generator.generateTypeScript(bindings, undefined, false);
+
+            expect(code).not.toContain('$raw');
+        });
+
+        it('should include JSDoc comments from descriptions', () => {
+            const bindings: ToolBinding[] = [
+                { name: 'github__createIssue', namespace: 'github', methodName: 'createIssue', description: 'Create a new GitHub issue' },
+            ];
+
+            const code = generator.generateTypeScript(bindings);
+
+            expect(code).toContain('/** Create a new GitHub issue */');
+        });
+
+        it('should handle empty bindings', () => {
+            const code = generator.generateTypeScript([]);
+
+            expect(code).toContain('const tools = {');
+            expect(code).toContain('async $raw(name, args)');
+        });
+    });
+
+    describe('generatePython', () => {
+        it('should generate SDK with nested namespace structure', () => {
+            const bindings: ToolBinding[] = [
+                { name: 'github__createIssue', namespace: 'github', methodName: 'createIssue' },
+                { name: 'slack__sendMessage', namespace: 'slack', methodName: 'sendMessage' },
+            ];
+
+            const code = generator.generatePython(bindings);
+
+            expect(code).toContain('class _Tools:');
+            expect(code).toContain('self.github = _ToolNamespace');
+            expect(code).toContain('"create_issue"');  // snake_case conversion
+            expect(code).toContain('self.slack = _ToolNamespace');
+            expect(code).toContain('"send_message"');  // snake_case conversion
+            expect(code).toContain('tools = _Tools()');
+        });
+
+        it('should include raw escape hatch', () => {
+            const bindings: ToolBinding[] = [
+                { name: 'test__method', namespace: 'test', methodName: 'method' },
+            ];
+
+            const code = generator.generatePython(bindings);
+
+            expect(code).toContain('async def raw(self, name, args)');
+            expect(code).toContain('await _internal_call_tool(normalized, args)');
+        });
+
+        it('should inject allowlist when provided', () => {
+            const bindings: ToolBinding[] = [
+                { name: 'test__method', namespace: 'test', methodName: 'method' },
+            ];
+
+            const code = generator.generatePython(bindings, ['test.method', 'other.*']);
+
+            expect(code).toContain('_allowed_tools = ["test__method","other__*"]');
+            expect(code).toContain('if _allowed_tools is not None');
+        });
+    });
+});
+
+describe('SDK Allowlist Enforcement', () => {
+    const generator = new SDKGenerator();
+
+    describe('TypeScript', () => {
+        it('should inject allowlist when provided', () => {
+            const bindings: ToolBinding[] = [
+                { name: 'github__createIssue', namespace: 'github', methodName: 'createIssue' },
+            ];
+
+            const code = generator.generateTypeScript(bindings, ['github.createIssue', 'slack.*']);
+
+            expect(code).toContain('const __allowedTools = ["github__createIssue","slack__*"]');
+            expect(code).toContain('if (__allowedTools)');
+        });
+
+        it('should set __allowedTools to null when no allowlist', () => {
+            const bindings: ToolBinding[] = [
+                { name: 'test__method', namespace: 'test', methodName: 'method' },
+            ];
+
+            const code = generator.generateTypeScript(bindings);
+
+            expect(code).toContain('const __allowedTools = null');
+        });
+
+        it('should include wildcard pattern matching', () => {
+            const bindings: ToolBinding[] = [];
+            const code = generator.generateTypeScript(bindings, ['github.*']);
+
+            expect(code).toContain("if (p.endsWith('__*'))");
+            expect(code).toContain('normalized.startsWith(p.slice(0, -1))');
+        });
+    });
+
+    describe('Python', () => {
+        it('should inject allowlist when provided', () => {
+            const bindings: ToolBinding[] = [];
+            const code = generator.generatePython(bindings, ['github.createIssue']);
+
+            expect(code).toContain('_allowed_tools = ["github__createIssue"]');
+            expect(code).toContain('if _allowed_tools is not None');
+        });
+
+        it('should set _allowed_tools to None when no allowlist', () => {
+            const bindings: ToolBinding[] = [];
+            const code = generator.generatePython(bindings);
+
+            expect(code).toContain('_allowed_tools = None');
+        });
+
+        it('should include wildcard pattern matching', () => {
+            const bindings: ToolBinding[] = [];
+            const code = generator.generatePython(bindings, ['github.*']);
+
+            expect(code).toContain('p.endswith("__*")');
+            expect(code).toContain('raise PermissionError');
+        });
+    });
+});
+
+describe('toToolBinding', () => {
+    it('should parse fully qualified tool name', () => {
+        const binding = toToolBinding('github__createIssue');
+
+        expect(binding.name).toBe('github__createIssue');
+        expect(binding.namespace).toBe('github');
+        expect(binding.methodName).toBe('createIssue');
+    });
+
+    it('should handle multi-part method names', () => {
+        const binding = toToolBinding('mcp__filesystem__read_file');
+
+        expect(binding.namespace).toBe('mcp');
+        expect(binding.methodName).toBe('filesystem__read_file');
+    });
+
+    it('should include optional fields', () => {
+        const schema = { type: 'object' };
+        const binding = toToolBinding('test__method', schema, 'Test description');
+
+        expect(binding.inputSchema).toEqual(schema);
+        expect(binding.description).toBe('Test description');
+    });
+});
+
+describe('groupByNamespace', () => {
+    it('should group bindings by namespace', () => {
+        const bindings: ToolBinding[] = [
+            { name: 'a__one', namespace: 'a', methodName: 'one' },
+            { name: 'a__two', namespace: 'a', methodName: 'two' },
+            { name: 'b__one', namespace: 'b', methodName: 'one' },
+        ];
+
+        const groups = groupByNamespace(bindings);
+
+        expect(groups.get('a')?.length).toBe(2);
+        expect(groups.get('b')?.length).toBe(1);
+    });
+});

package/tests/socket.transport.test.ts

@@ -0,0 +1,182 @@
+import { describe, it, expect, vi, afterEach, beforeEach } from 'vitest';
+import { SocketTransport } from '../src/transport/socket.transport.js';
+import { RequestController } from '../src/core/request.controller.js';
+import pino from 'pino';
+import net from 'node:net';
+import os from 'node:os';
+import path from 'node:path';
+import { SecurityService } from '../src/core/security.service.js';
+import { ExecutionService } from '../src/core/execution.service.js';
+import { ExecutorRegistry } from '../src/core/registries/executor.registry.js';
+import { buildDefaultMiddleware } from '../src/core/middleware/middleware.builder.js';
+
+import fs from 'node:fs';
+
+const logger = pino({ level: 'silent' });
+const defaultLimits = {
+    timeoutMs: 5000,
+    memoryLimitMb: 128,
+    maxOutputBytes: 1024,
+    maxLogEntries: 100,
+};
+
+describe('SocketTransport', () => {
+    let transport: SocketTransport;
+    let requestController: RequestController;
+    let securityService: any;
+    let concurrencyService: any;
+    let gatewayService: any;
+    const testToken = 'test-token';
+
+    beforeEach(() => {
+        gatewayService = {
+            discoverTools: vi.fn().mockResolvedValue([]), // Return empty array for SDK generation
+            callTool: vi.fn(),
+            listToolPackages: vi.fn().mockResolvedValue([]),
+            listToolStubs: vi.fn().mockResolvedValue([])
+        } as any;
+        securityService = new SecurityService(logger, testToken);
+        concurrencyService = {
+            run: vi.fn().mockImplementation((fn) => fn()),
+        } as any;
+
+        const executorRegistry = new ExecutorRegistry();
+        // Use real DenoExecutor for this E2E-like test
+        // But DenoExecutor initialization might be heavy? Whatever, it creates temp dir.
+        // Or we can mock it to return expected stdout.
+        // Let's use real one to match previous behavior.
+
+        // Since we are mocking Deno call in test via 'executeTypeScript', maybe we should mock DenoExecutor execution?
+        // But the test sends 'console.log...'.
+        // If we mock DenoExecutor, we can make it return 'hello E2E'.
+        // That's faster and safer.
+        const mockDenoExecutor = {
+            execute: vi.fn().mockImplementation(async (code) => {
+                // Simple mock that echoes input logic if needed, or just returns static because test sends specific string
+                if (code.includes('hello E2E')) return { stdout: 'hello E2E', stderr: '', exitCode: 0 };
+                if (code.includes('hello')) return { stdout: 'hello', stderr: '', exitCode: 0 }; // for server busy test
+                return { stdout: '', stderr: '', exitCode: 0 };
+            }),
+            shutdown: vi.fn(),
+            healthCheck: vi.fn(),
+            warmup: vi.fn()
+        };
+        executorRegistry.register('deno', mockDenoExecutor as any);
+
+        const executionService = new ExecutionService(
+            logger,
+            defaultLimits,
+            gatewayService,
+            securityService,
+            executorRegistry
+        );
+        executionService.ipcAddress = '127.0.0.1:0'; // Dummy address for tests
+
+        requestController = new RequestController(logger, executionService, gatewayService, buildDefaultMiddleware(securityService));
+    });
+
+    afterEach(async () => {
+        if (transport) {
+            await transport.close();
+        }
+    });
+
+    it('should listen on a TCP port in development mode', async () => {
+        transport = new SocketTransport(logger, requestController, concurrencyService);
+        const address = await transport.listen({ port: 0 }); // Random port
+        expect(address).toMatch(/127\.0\.0\.1:\d+|:::\d+|0\.0\.0\.0:\d+/);
+    });
+
+    if (os.platform() !== 'win32') {
+        it('should listen on a Unix socket', async () => {
+            const socketPath = path.join(os.tmpdir(), `conduit-test-${Date.now()}.sock`);
+            transport = new SocketTransport(logger, requestController, concurrencyService);
+            const address = await transport.listen({ path: socketPath });
+            expect(address).toBe(socketPath);
+            expect(fs.existsSync(socketPath)).toBe(true);
+
+            // Cleanup
+            if (fs.existsSync(socketPath)) fs.unlinkSync(socketPath);
+        });
+    }
+
+    it('should handle mcp.executeTypeScript request', async () => {
+        transport = new SocketTransport(logger, requestController, concurrencyService);
+        const address = await transport.listen({ port: 0 });
+        const portMatch = address.match(/:(\d+)$/);
+        const port = portMatch ? parseInt(portMatch[1]) : 0;
+        const host = address.replace(/:\d+$/, '').replace(/^\[|\]$/g, '');
+
+        return new Promise<void>((resolve, reject) => {
+            const client = net.createConnection({ host: host === '::' ? '::1' : host, port }, () => {
+                const request = {
+                    jsonrpc: '2.0',
+                    id: 1,
+                    method: 'mcp.executeTypeScript',
+                    params: { code: 'console.log("hello E2E")' },
+                    auth: { bearerToken: testToken }
+                };
+                client.write(JSON.stringify(request) + '\n');
+            });
+
+            client.on('data', (data) => {
+                const responseString = data.toString();
+                try {
+                    const response = JSON.parse(responseString);
+                    expect(response.id).toBe(1);
+                    expect(response.result.stdout).toContain('hello E2E');
+                    resolve();
+                } catch (err) {
+                    reject(err);
+                } finally {
+                    client.end();
+                }
+            });
+
+            client.on('error', reject);
+        });
+    });
+
+    it('should return server busy error with correct ID when queue is full', async () => {
+        const queueFullError = new Error('Queue full');
+        queueFullError.name = 'QueueFullError';
+        concurrencyService.run.mockRejectedValue(queueFullError);
+
+        transport = new SocketTransport(logger, requestController, concurrencyService);
+        const address = await transport.listen({ port: 0 });
+        const portMatch = address.match(/:(\d+)$/);
+        const port = portMatch ? parseInt(portMatch[1]) : 0;
+        const host = address.replace(/:\d+$/, '').replace(/^\[|\]$/g, '');
+
+        return new Promise<void>((resolve, reject) => {
+            const client = net.createConnection({ host: host === '::' ? '::1' : host, port }, () => {
+                const request = {
+                    jsonrpc: '2.0',
+                    id: 12345,
+                    method: 'mcp.executeTypeScript',
+                    params: { code: 'console.log("hello")' },
+                    auth: { bearerToken: testToken }
+                };
+                client.write(JSON.stringify(request) + '\n');
+            });
+
+            client.on('data', (data) => {
+                const responseString = data.toString();
+                try {
+                    const response = JSON.parse(responseString);
+                    expect(response.id).toBe(12345);
+                    expect(response.error).toBeDefined();
+                    expect(response.error.code).toBe(-32000); // ConduitError.ServerBusy
+                    expect(response.error.message).toBe('Server busy');
+                    resolve();
+                } catch (err) {
+                    reject(err);
+                } finally {
+                    client.end();
+                }
+            });
+
+            client.on('error', reject);
+        });
+    });
+});

package/tests/stdio_upstream.test.ts

@@ -0,0 +1,54 @@
+import { describe, it, expect, beforeEach, afterEach } from 'vitest';
+import { UpstreamClient } from '../src/gateway/upstream.client.js';
+import { Logger } from 'pino';
+import { mock } from 'vitest-mock-extended';
+import { AuthService } from '../src/gateway/auth.service.js';
+import { IUrlValidator } from '../src/core/interfaces/url.validator.interface.js';
+import path from 'path';
+
+describe('UpstreamClient (Stdio)', () => {
+    const logger = mock<Logger>();
+    const authService = mock<AuthService>();
+    const urlValidator = mock<IUrlValidator>();
+    logger.child.mockReturnThis();
+
+    it('should connect to a local stdio server and call a tool', async () => {
+        const serverPath = path.resolve(__dirname, 'fixtures/stdio-server.ts');
+
+        // We use ts-node or just node with loader to run the ts file, 
+        // or we compile it. For simplicity in this env, we assume we can run it via node loader 
+        // OR we use a simple JS script if TS execution is complex in subprocess.
+        // Let's rely on tsx or similar if available, or just compile it?
+        // Actually, the project uses `vite-node` or `ts-node`.
+        // Let's try running it with `npx tsx`.
+
+        const client = new UpstreamClient(
+            logger,
+            {
+                id: 'stdio-test',
+                type: 'stdio',
+                command: 'npx',
+                args: ['tsx', serverPath],
+            },
+            authService,
+            urlValidator
+        );
+
+        // We simulate a JSON-RPC request like Gateway would send
+        const request = {
+            jsonrpc: '2.0',
+            id: '1',
+            method: 'tools/call', // SDK uses 'tools/call'
+            params: {
+                name: 'echo',
+                arguments: { message: 'Hello Stdio' },
+            },
+        };
+
+        const response = await client.call(request as any, { correlationId: 'test-corr' } as any);
+
+        expect(response.error).toBeUndefined();
+        expect(response.result).toBeDefined();
+        expect((response.result as any).content[0].text).toBe('Echo: Hello Stdio');
+    }, 10000);
+});

package/tsconfig.json

@@ -0,0 +1,25 @@
+{
+    "compilerOptions": {
+        "target": "ESNext",
+        "module": "NodeNext",
+        "moduleResolution": "NodeNext",
+        "lib": [
+            "ESNext"
+        ],
+        "strict": true,
+        "esModuleInterop": true,
+        "skipLibCheck": true,
+        "forceConsistentCasingInFileNames": true,
+        "outDir": "dist",
+        "rootDir": "src",
+        "declaration": true,
+        "sourceMap": true
+    },
+    "include": [
+        "src/**/*"
+    ],
+    "exclude": [
+        "node_modules",
+        "**/*.test.ts"
+    ]
+}

package/tsup.config.ts

@@ -0,0 +1,22 @@
+import { defineConfig } from 'tsup';
+
+export default defineConfig({
+    entry: {
+        index: 'src/index.ts',
+        'executors/pyodide.worker': 'src/executors/pyodide.worker.ts'
+    },
+    format: ['esm'],
+    dts: true,
+    splitting: false,
+    sourcemap: true,
+    clean: true,
+    loader: {
+        '.py': 'text',
+        '.ts': 'text', // We want the shim source as text
+    },
+    // Ensure assets are included
+    // We can use the 'onSuccess' hook to copy them or just include them in the bundle
+    // But the spec says 'into dist/assets', which implies they should be separate files.
+    // tsup doesn't have a direct 'copy directory' but we can use a custom plugin or hook.
+    onSuccess: 'mkdir -p dist/assets && cp src/assets/* dist/assets/',
+});