@mtaap/mcp 0.1.3 → 0.2.1

package/dist/cli.js

@@ -1,39 +1,1620 @@
 #!/usr/bin/env node
-import {
-  createMCPServer
-} from "./chunk-7YL3QGGO.js";
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+
+// src/index.ts
+var import_mcp = require("@modelcontextprotocol/sdk/server/mcp.js");
+var import_stdio = require("@modelcontextprotocol/sdk/server/stdio.js");
+
+// src/version.ts
+var VERSION = "0.2.1";
+
+// ../../packages/core/dist/constants/enums.js
+var TaskState;
+(function(TaskState3) {
+  TaskState3["BACKLOG"] = "BACKLOG";
+  TaskState3["READY"] = "READY";
+  TaskState3["IN_PROGRESS"] = "IN_PROGRESS";
+  TaskState3["REVIEW"] = "REVIEW";
+  TaskState3["DONE"] = "DONE";
+})(TaskState || (TaskState = {}));
+var UserRole;
+(function(UserRole2) {
+  UserRole2["ADMIN"] = "ADMIN";
+  UserRole2["MEMBER"] = "MEMBER";
+})(UserRole || (UserRole = {}));
+var ProjectType;
+(function(ProjectType2) {
+  ProjectType2["TEAM"] = "TEAM";
+  ProjectType2["PERSONAL"] = "PERSONAL";
+})(ProjectType || (ProjectType = {}));
+var ProjectOrigin;
+(function(ProjectOrigin2) {
+  ProjectOrigin2["CREATED"] = "CREATED";
+  ProjectOrigin2["PROMOTED"] = "PROMOTED";
+})(ProjectOrigin || (ProjectOrigin = {}));
+var TaskPriority;
+(function(TaskPriority2) {
+  TaskPriority2["LOW"] = "LOW";
+  TaskPriority2["MEDIUM"] = "MEDIUM";
+  TaskPriority2["HIGH"] = "HIGH";
+  TaskPriority2["CRITICAL"] = "CRITICAL";
+})(TaskPriority || (TaskPriority = {}));
+var DeploymentMode;
+(function(DeploymentMode2) {
+  DeploymentMode2["SAAS"] = "saas";
+  DeploymentMode2["ONPREM"] = "onprem";
+})(DeploymentMode || (DeploymentMode = {}));
+var ErrorType;
+(function(ErrorType3) {
+  ErrorType3["BUILD_FAILURE"] = "BUILD_FAILURE";
+  ErrorType3["TEST_FAILURE"] = "TEST_FAILURE";
+  ErrorType3["CONFLICT"] = "CONFLICT";
+  ErrorType3["AUTH_ERROR"] = "AUTH_ERROR";
+  ErrorType3["OTHER"] = "OTHER";
+})(ErrorType || (ErrorType = {}));
+var PRStatus;
+(function(PRStatus2) {
+  PRStatus2["OPEN"] = "OPEN";
+  PRStatus2["CLOSED"] = "CLOSED";
+  PRStatus2["MERGED"] = "MERGED";
+  PRStatus2["DELETED"] = "DELETED";
+})(PRStatus || (PRStatus = {}));
+var PricingTier;
+(function(PricingTier2) {
+  PricingTier2["FREE"] = "FREE";
+  PricingTier2["PRO"] = "PRO";
+  PricingTier2["ENTERPRISE"] = "ENTERPRISE";
+})(PricingTier || (PricingTier = {}));
+var ApiKeyPermission;
+(function(ApiKeyPermission2) {
+  ApiKeyPermission2["READ"] = "READ";
+  ApiKeyPermission2["WRITE"] = "WRITE";
+  ApiKeyPermission2["ADMIN"] = "ADMIN";
+})(ApiKeyPermission || (ApiKeyPermission = {}));
+var WebSocketEventType;
+(function(WebSocketEventType2) {
+  WebSocketEventType2["TASK_ASSIGNED"] = "task.assigned";
+  WebSocketEventType2["TASK_ABANDONED"] = "task.abandoned";
+  WebSocketEventType2["TASK_PROGRESS"] = "task.progress";
+  WebSocketEventType2["TASK_PR_CREATED"] = "task.pr_created";
+  WebSocketEventType2["TASK_REVIEW_REQUESTED"] = "task.review_requested";
+  WebSocketEventType2["TASK_COMPLETED"] = "task.completed";
+  WebSocketEventType2["TASK_ERROR"] = "task.error";
+  WebSocketEventType2["TASK_STATE_CHANGED"] = "task.state_changed";
+  WebSocketEventType2["MEMBER_JOINED"] = "member.joined";
+})(WebSocketEventType || (WebSocketEventType = {}));
+var AuthProvider;
+(function(AuthProvider2) {
+  AuthProvider2["CREDENTIALS"] = "credentials";
+  AuthProvider2["LDAP"] = "ldap";
+  AuthProvider2["SSO"] = "sso";
+})(AuthProvider || (AuthProvider = {}));
+var SubscriptionStatus;
+(function(SubscriptionStatus2) {
+  SubscriptionStatus2["ACTIVE"] = "ACTIVE";
+  SubscriptionStatus2["INACTIVE"] = "INACTIVE";
+  SubscriptionStatus2["PAST_DUE"] = "PAST_DUE";
+  SubscriptionStatus2["CANCELED"] = "CANCELED";
+  SubscriptionStatus2["INCOMPLETE"] = "INCOMPLETE";
+})(SubscriptionStatus || (SubscriptionStatus = {}));
+var EventType;
+(function(EventType2) {
+  EventType2["AUTH"] = "AUTH";
+  EventType2["AUTHORIZATION"] = "AUTHORIZATION";
+  EventType2["ACCESS"] = "ACCESS";
+  EventType2["MODIFICATION"] = "MODIFICATION";
+})(EventType || (EventType = {}));
+
+// ../../packages/core/dist/constants/state-machine.js
+var VALID_TRANSITIONS = {
+  [TaskState.BACKLOG]: [TaskState.READY],
+  [TaskState.READY]: [TaskState.BACKLOG, TaskState.IN_PROGRESS],
+  [TaskState.IN_PROGRESS]: [
+    TaskState.BACKLOG,
+    TaskState.READY,
+    TaskState.REVIEW
+  ],
+  [TaskState.REVIEW]: [
+    TaskState.BACKLOG,
+    TaskState.READY,
+    TaskState.IN_PROGRESS,
+    TaskState.DONE
+  ],
+  [TaskState.DONE]: []
+};
+
+// ../../packages/core/dist/version.js
+var VERSION2 = "0.1.0";
+
+// ../../packages/core/dist/config/index.js
+var DEPLOYMENT_MODE = process.env.DEPLOYMENT_MODE || "saas";
+var config = {
+  version: VERSION2,
+  deploymentMode: DEPLOYMENT_MODE,
+  billing: {
+    enabled: DEPLOYMENT_MODE === "saas",
+    revenuecat: {
+      publicKey: process.env.REVENUECAT_PUBLIC_API_KEY,
+      stripeKey: process.env.STRIPE_SECRET_KEY
+      // Required by RevenueCat Web Billing
+    }
+  },
+  licensing: {
+    enabled: DEPLOYMENT_MODE === "onprem",
+    licenseKey: process.env.LICENSE_KEY
+  },
+  auth: {
+    credentials: true,
+    ldap: process.env.LDAP_ENABLED === "true"
+  },
+  git: {
+    deleteMergedBranches: process.env.DELETE_MERGED_BRANCHES !== "false",
+    enforceConventionalCommits: process.env.ENFORCE_CONVENTIONAL_COMMITS === "true",
+    defaultBaseBranch: process.env.DEFAULT_BASE_BRANCH || "develop"
+  },
+  pricing: {
+    maxPersonalProjects: {
+      FREE: 2,
+      PRO: 5,
+      ENTERPRISE: 10
+    },
+    maxCollaboratorsPerProject: {
+      FREE: 3,
+      PRO: -1,
+      ENTERPRISE: -1
+    },
+    maxProjectsPerOrg: {
+      FREE: 5,
+      PRO: -1,
+      ENTERPRISE: -1
+    },
+    maxSeats: {
+      FREE: 3,
+      PRO: -1,
+      ENTERPRISE: -1
+    },
+    // Default seats when subscription doesn't specify an explicit seat count
+    defaultSeats: {
+      FREE: 3,
+      PRO: 10,
+      ENTERPRISE: 999999
+    }
+  },
+  features: {
+    stripe: {
+      enabled: DEPLOYMENT_MODE === "saas"
+    },
+    gitlab: {
+      enabled: true
+    },
+    ldap: {
+      enabled: process.env.LDAP_ENABLED === "true"
+    },
+    auditLogs: {
+      enabled: process.env.AUDIT_LOGS_ENABLED === "true"
+    }
+  },
+  api: {
+    apiKey: {
+      defaultExpiryDays: 90,
+      prefix: "usr_"
+    },
+    rateLimit: {
+      requestsPerMinute: 100,
+      requestsPerHour: 1e3
+    }
+  },
+  limits: {
+    projectNameMaxLength: 100,
+    taskDescriptionMaxLength: 5e3,
+    notesMaxLength: 500,
+    conventionsNotesMaxLength: 500,
+    recentCompletedTasksLimit: 10
+  }
+};
+var DEFAULT_SEAT_LIMITS = {
+  [PricingTier.FREE]: config.pricing.defaultSeats.FREE,
+  [PricingTier.PRO]: config.pricing.defaultSeats.PRO,
+  [PricingTier.ENTERPRISE]: config.pricing.defaultSeats.ENTERPRISE
+};
+
+// ../../packages/core/dist/types/index.js
+var import_zod = require("zod");
+var UserIdSchema = import_zod.z.string().regex(/^usr_[a-zA-Z0-9]+$/);
+var UserSchema = import_zod.z.object({
+  id: UserIdSchema,
+  email: import_zod.z.string().email(),
+  name: import_zod.z.string().min(1).max(255),
+  role: import_zod.z.nativeEnum(UserRole),
+  organizationId: import_zod.z.string().optional(),
+  lastActiveAt: import_zod.z.coerce.date().optional(),
+  createdAt: import_zod.z.coerce.date()
+});
+var OrganizationUserSchema = import_zod.z.object({
+  id: import_zod.z.number().int(),
+  userId: UserIdSchema,
+  organizationId: import_zod.z.string(),
+  roleId: import_zod.z.nativeEnum(UserRole).optional(),
+  user: UserSchema.pick({ id: true, email: true, name: true, role: true }),
+  createdAt: import_zod.z.coerce.date()
+});
+var OrganizationIdSchema = import_zod.z.string().regex(/^org_[a-zA-Z0-9]+$/);
+var OrganizationSchema = import_zod.z.object({
+  id: OrganizationIdSchema,
+  name: import_zod.z.string().min(1).max(255),
+  slug: import_zod.z.string().min(1).max(100).regex(/^[a-z0-9-]+$/),
+  logoUrl: import_zod.z.string().url().nullable(),
+  accentColor: import_zod.z.string().regex(/^#[0-9A-Fa-f]{6}$/).nullable(),
+  tenantName: import_zod.z.string().nullable(),
+  pricingTier: import_zod.z.nativeEnum(PricingTier),
+  createdAt: import_zod.z.coerce.date()
+});
+var OrganizationSettingsSchema = import_zod.z.object({
+  organizationId: OrganizationIdSchema,
+  ldapEnabled: import_zod.z.boolean(),
+  ldapUrl: import_zod.z.string().url().nullable(),
+  ldapBindDN: import_zod.z.string().nullable(),
+  ldapSearchBase: import_zod.z.string().nullable(),
+  deleteMergedBranches: import_zod.z.boolean(),
+  enforceConventionalCommits: import_zod.z.boolean(),
+  maxPersonalProjectsPerUser: import_zod.z.number().int().min(0)
+});
+var TagSchema = import_zod.z.object({
+  id: import_zod.z.string(),
+  name: import_zod.z.string().min(1).max(50),
+  organizationId: OrganizationIdSchema,
+  createdAt: import_zod.z.coerce.date()
+});
+var ProjectIdSchema = import_zod.z.string().regex(/^prj_[a-zA-Z0-9]+$/);
+var ProjectSchema = import_zod.z.object({
+  id: ProjectIdSchema,
+  name: import_zod.z.string().min(1).max(100),
+  description: import_zod.z.string().max(500).nullable(),
+  type: import_zod.z.nativeEnum(ProjectType),
+  origin: import_zod.z.nativeEnum(ProjectOrigin),
+  organizationId: OrganizationIdSchema,
+  ownerId: UserIdSchema.nullable(),
+  repositoryUrl: import_zod.z.string().url(),
+  baseBranch: import_zod.z.string().default("develop"),
+  tags: import_zod.z.array(import_zod.z.string()),
+  createdAt: import_zod.z.coerce.date(),
+  updatedAt: import_zod.z.coerce.date()
+});
+var EpicIdSchema = import_zod.z.string().regex(/^epc_[a-zA-Z0-9]+$/);
+var EpicSchema = import_zod.z.object({
+  id: EpicIdSchema,
+  projectId: ProjectIdSchema,
+  name: import_zod.z.string().min(1).max(200),
+  description: import_zod.z.string().nullable(),
+  createdAt: import_zod.z.coerce.date(),
+  updatedAt: import_zod.z.coerce.date()
+});
+var TaskIdSchema = import_zod.z.string().regex(/^tsk_[a-zA-Z0-9]+$/);
+var TaskSchema = import_zod.z.object({
+  id: TaskIdSchema,
+  projectId: ProjectIdSchema,
+  epicId: EpicIdSchema.nullable(),
+  title: import_zod.z.string().min(1).max(200),
+  description: import_zod.z.string().max(5e3),
+  state: import_zod.z.nativeEnum(TaskState),
+  priority: import_zod.z.nativeEnum(TaskPriority),
+  assigneeId: UserIdSchema.nullable(),
+  createdBy: UserIdSchema.nullable(),
+  assignedAt: import_zod.z.coerce.date().nullable(),
+  startedAt: import_zod.z.coerce.date().nullable(),
+  completedAt: import_zod.z.coerce.date().nullable(),
+  branchName: import_zod.z.string().nullable(),
+  pullRequestUrl: import_zod.z.string().url().nullable(),
+  pullRequestNumber: import_zod.z.number().int().nullable(),
+  pullRequestStatus: import_zod.z.nativeEnum(PRStatus).nullable(),
+  errorType: import_zod.z.nativeEnum(ErrorType).nullable(),
+  errorMessage: import_zod.z.string().max(1e3).nullable(),
+  createdAt: import_zod.z.coerce.date(),
+  updatedAt: import_zod.z.coerce.date()
+});
+var AcceptanceCriterionSchema = import_zod.z.object({
+  id: import_zod.z.string(),
+  taskId: TaskIdSchema,
+  description: import_zod.z.string().min(1).max(500),
+  completed: import_zod.z.boolean(),
+  completedAt: import_zod.z.coerce.date().nullable(),
+  order: import_zod.z.number().int(),
+  createdAt: import_zod.z.coerce.date()
+});
+var ProgressUpdateSchema = import_zod.z.object({
+  id: import_zod.z.string(),
+  taskId: TaskIdSchema,
+  userId: UserIdSchema,
+  message: import_zod.z.string().max(2e3),
+  checkpoints: import_zod.z.array(import_zod.z.string()).optional(),
+  createdAt: import_zod.z.coerce.date()
+});
+var TaskNoteSchema = import_zod.z.object({
+  id: import_zod.z.string(),
+  taskId: TaskIdSchema,
+  userId: UserIdSchema,
+  content: import_zod.z.string().max(500),
+  createdAt: import_zod.z.coerce.date()
+});
+var ApiKeyIdSchema = import_zod.z.string().regex(/^key_[a-zA-Z0-9]+$/);
+var ApiKeySchema = import_zod.z.object({
+  id: ApiKeyIdSchema,
+  userId: UserIdSchema,
+  name: import_zod.z.string().min(1).max(100),
+  keyHash: import_zod.z.string(),
+  permissions: import_zod.z.nativeEnum(ApiKeyPermission),
+  lastUsedAt: import_zod.z.coerce.date().nullable(),
+  expiresAt: import_zod.z.coerce.date().nullable(),
+  revoked: import_zod.z.boolean(),
+  createdAt: import_zod.z.coerce.date()
+});
+var SubscriptionIdSchema = import_zod.z.string();
+var SubscriptionSchema = import_zod.z.object({
+  id: SubscriptionIdSchema,
+  organizationId: OrganizationIdSchema,
+  pricingTier: import_zod.z.nativeEnum(PricingTier),
+  seats: import_zod.z.number().int().min(0),
+  stripeSubscriptionId: import_zod.z.string().nullable(),
+  stripeCustomerId: import_zod.z.string().nullable(),
+  status: import_zod.z.enum(["active", "past_due", "canceled", "incomplete"]),
+  currentPeriodStart: import_zod.z.coerce.date(),
+  currentPeriodEnd: import_zod.z.coerce.date(),
+  createdAt: import_zod.z.coerce.date()
+});
+var ProjectCollaboratorSchema = import_zod.z.object({
+  id: import_zod.z.string(),
+  projectId: ProjectIdSchema,
+  userId: UserIdSchema,
+  addedBy: UserIdSchema,
+  createdAt: import_zod.z.coerce.date()
+});
+
+// ../../packages/core/dist/validation/index.js
+var import_zod2 = require("zod");
+var ListProjectsInputSchema = import_zod2.z.object({
+  workspaceType: import_zod2.z.preprocess((val) => typeof val === "string" ? val.toUpperCase() : val, import_zod2.z.enum(["TEAM", "PERSONAL", "ALL"]).optional())
+});
+var ListTasksInputSchema = import_zod2.z.object({
+  projectId: import_zod2.z.string().optional(),
+  state: import_zod2.z.nativeEnum(TaskState).optional(),
+  assigneeId: import_zod2.z.string().optional()
+});
+var GetTaskInputSchema = import_zod2.z.object({
+  taskId: import_zod2.z.string().regex(/^tsk_[a-zA-Z0-9]+$/)
+});
+var AssignTaskInputSchema = import_zod2.z.object({
+  projectId: import_zod2.z.string().regex(/^prj_[a-zA-Z0-9]+$/),
+  taskId: import_zod2.z.string().regex(/^tsk_[a-zA-Z0-9]+$/),
+  expectedState: import_zod2.z.nativeEnum(TaskState).default(TaskState.READY)
+});
+var UpdateProgressInputSchema = import_zod2.z.object({
+  taskId: import_zod2.z.string().regex(/^tsk_[a-zA-Z0-9]+$/),
+  statusMessage: import_zod2.z.string().max(1e3).optional(),
+  completedCheckpointIds: import_zod2.z.array(import_zod2.z.string()).optional(),
+  currentCheckpointIndex: import_zod2.z.number().int().optional()
+});
+var CompleteTaskInputSchema = import_zod2.z.object({
+  projectId: import_zod2.z.string().regex(/^prj_[a-zA-Z0-9]+$/),
+  taskId: import_zod2.z.string().regex(/^tsk_[a-zA-Z0-9]+$/),
+  pullRequestTitle: import_zod2.z.string().min(1).max(300).optional(),
+  pullRequestBody: import_zod2.z.string().max(1e4).optional()
+});
+var ReportErrorInputSchema = import_zod2.z.object({
+  taskId: import_zod2.z.string().regex(/^tsk_[a-zA-Z0-9]+$/),
+  errorType: import_zod2.z.nativeEnum(ErrorType),
+  errorMessage: import_zod2.z.string().min(1).max(1e3),
+  context: import_zod2.z.string().max(2e3).optional()
+});
+var GetProjectContextInputSchema = import_zod2.z.object({
+  projectId: import_zod2.z.string().regex(/^prj_[a-zA-Z0-9]+$/)
+});
+var AddNoteInputSchema = import_zod2.z.object({
+  taskId: import_zod2.z.string().regex(/^tsk_[a-zA-Z0-9]+$/),
+  content: import_zod2.z.string().min(1).max(500)
+});
+var AbandonTaskInputSchema = import_zod2.z.object({
+  projectId: import_zod2.z.string().regex(/^prj_[a-zA-Z0-9]+$/),
+  taskId: import_zod2.z.string().regex(/^tsk_[a-zA-Z0-9]+$/),
+  deleteBranch: import_zod2.z.boolean().optional()
+});
+var CreatePersonalProjectInputSchema = import_zod2.z.object({
+  name: import_zod2.z.string().min(1).max(100),
+  description: import_zod2.z.string().max(500).optional(),
+  repositoryUrl: import_zod2.z.string().url()
+});
+var CheckActiveTaskInputSchema = import_zod2.z.object({});
+var CreateOrganizationInputSchema = import_zod2.z.object({
+  name: import_zod2.z.string().min(1).max(255),
+  slug: import_zod2.z.string().min(1).max(100).regex(/^[a-z0-9-]+$/).optional()
+});
+var UpdateOrganizationInputSchema = import_zod2.z.object({
+  organizationId: import_zod2.z.string().regex(/^org_[a-zA-Z0-9]+$/),
+  name: import_zod2.z.string().min(1).max(255).optional(),
+  logoUrl: import_zod2.z.string().url().nullable().optional(),
+  accentColor: import_zod2.z.string().regex(/^#[0-9A-Fa-f]{6}$/, "Invalid hex color format. Expected #RRGGBB").nullable().optional(),
+  tenantName: import_zod2.z.string().max(255).nullable().optional()
+});
+var CreateProjectInputSchema = import_zod2.z.object({
+  name: import_zod2.z.string().min(1).max(100),
+  description: import_zod2.z.string().max(500).optional(),
+  type: import_zod2.z.nativeEnum(ProjectType),
+  repositoryUrl: import_zod2.z.string().url(),
+  baseBranch: import_zod2.z.string().default("develop").optional(),
+  tags: import_zod2.z.array(import_zod2.z.string()).default([])
+});
+var UpdateProjectInputSchema = import_zod2.z.object({
+  projectId: import_zod2.z.string().min(1).optional(),
+  name: import_zod2.z.string().min(1).max(100).optional(),
+  description: import_zod2.z.string().max(500).optional(),
+  repositoryUrl: import_zod2.z.string().url().optional(),
+  baseBranch: import_zod2.z.string().optional(),
+  tags: import_zod2.z.array(import_zod2.z.string()).optional()
+});
+var CreateEpicInputSchema = import_zod2.z.object({
+  projectId: import_zod2.z.string().regex(/^prj_[a-zA-Z0-9]+$/),
+  name: import_zod2.z.string().min(1).max(200),
+  description: import_zod2.z.string().max(2e3).optional()
+});
+var CreateTaskInputSchema = import_zod2.z.object({
+  projectId: import_zod2.z.string().min(1),
+  epicId: import_zod2.z.string().min(1).nullable().optional(),
+  title: import_zod2.z.string().min(1).max(200),
+  description: import_zod2.z.string().max(5e3),
+  priority: import_zod2.z.nativeEnum(TaskPriority).default(TaskPriority.MEDIUM),
+  acceptanceCriteria: import_zod2.z.array(import_zod2.z.object({
+    description: import_zod2.z.string().min(1).max(500)
+  })).min(1)
+});
+var UpdateTaskInputSchema = import_zod2.z.object({
+  taskId: import_zod2.z.string().min(1),
+  title: import_zod2.z.string().min(1).max(200).optional(),
+  description: import_zod2.z.string().max(5e3).optional(),
+  priority: import_zod2.z.nativeEnum(TaskPriority).optional(),
+  state: import_zod2.z.nativeEnum(TaskState).optional(),
+  assigneeId: import_zod2.z.string().nullable().optional(),
+  acceptanceCriteria: import_zod2.z.array(import_zod2.z.object({
+    id: import_zod2.z.string().optional(),
+    description: import_zod2.z.string().min(1).max(500),
+    completed: import_zod2.z.boolean().optional()
+  })).optional()
+});
+var AssignTaskWebappInputSchema = import_zod2.z.object({
+  taskId: import_zod2.z.string().min(1),
+  userId: import_zod2.z.string().min(1)
+});
+var CreateTagInputSchema = import_zod2.z.object({
+  organizationId: import_zod2.z.string().regex(/^org_[a-zA-Z0-9]+$/),
+  name: import_zod2.z.string().min(1).max(50).regex(/^[a-zA-Z0-9\s-]+$/)
+});
+var UpdateTagInputSchema = import_zod2.z.object({
+  name: import_zod2.z.string().min(1).max(50).regex(/^[a-zA-Z0-9\s-]+$/)
+});
+var UpdateOrganizationSettingsInputSchema = import_zod2.z.object({
+  organizationId: import_zod2.z.string().regex(/^org_[a-zA-Z0-9]+$/),
+  ldapEnabled: import_zod2.z.boolean().optional(),
+  ldapUrl: import_zod2.z.string().url().nullable().optional(),
+  ldapBindDN: import_zod2.z.string().nullable().optional(),
+  ldapSearchBase: import_zod2.z.string().nullable().optional(),
+  deleteMergedBranches: import_zod2.z.boolean().optional(),
+  enforceConventionalCommits: import_zod2.z.boolean().optional(),
+  maxPersonalProjectsPerUser: import_zod2.z.number().int().min(0).optional(),
+  logoUrl: import_zod2.z.string().url().nullable().optional(),
+  accentColor: import_zod2.z.string().regex(/^#[0-9A-Fa-f]{6}$/, "Invalid hex color format. Expected #RRGGBB").nullable().optional(),
+  tenantName: import_zod2.z.string().max(255).nullable().optional()
+});
+var InviteUserInputSchema = import_zod2.z.object({
+  organizationId: import_zod2.z.string().regex(/^org_[a-zA-Z0-9]+$/),
+  email: import_zod2.z.string().email(),
+  role: import_zod2.z.nativeEnum(UserRole).default(UserRole.MEMBER),
+  tags: import_zod2.z.array(import_zod2.z.string()).default([])
+});
+var AssignUserTagsInputSchema = import_zod2.z.object({
+  userId: import_zod2.z.string().regex(/^usr_[a-zA-Z0-9]+$/),
+  tags: import_zod2.z.array(import_zod2.z.string()).min(0)
+});
+var InviteCollaboratorInputSchema = import_zod2.z.object({
+  projectId: import_zod2.z.string().regex(/^prj_[a-zA-Z0-9]+$/),
+  email: import_zod2.z.string().email()
+});
+var PublishProjectInputSchema = import_zod2.z.object({
+  projectId: import_zod2.z.string().regex(/^prj_[a-zA-Z0-9]+$/),
+  transferOwnership: import_zod2.z.boolean().default(false),
+  tags: import_zod2.z.array(import_zod2.z.string()).min(1)
+});
+var GenerateApiKeyInputSchema = import_zod2.z.object({
+  name: import_zod2.z.string().min(1).max(100),
+  expiresInDays: import_zod2.z.number().int().min(1).max(365).default(90),
+  permissions: import_zod2.z.nativeEnum(ApiKeyPermission).default(ApiKeyPermission.WRITE)
+});
+var RevokeApiKeyInputSchema = import_zod2.z.object({
+  keyId: import_zod2.z.string().regex(/^key_[a-zA-Z0-9]+$/)
+});
+var LoginInputSchema = import_zod2.z.object({
+  email: import_zod2.z.string().email(),
+  password: import_zod2.z.string().min(8).max(255)
+});
+var RegisterInputSchema = import_zod2.z.object({
+  email: import_zod2.z.string().email(),
+  password: import_zod2.z.string().min(8).max(255),
+  name: import_zod2.z.string().min(1).max(255),
+  organizationSlug: import_zod2.z.string().min(1).max(100).regex(/^[a-z0-9-]+$/).optional()
+});
+
+// ../../packages/core/dist/logging/metrics.js
+var metrics = /* @__PURE__ */ new Map();
+function labelsToKey(labels) {
+  if (!labels || Object.keys(labels).length === 0)
+    return "";
+  return Object.entries(labels).sort(([a], [b]) => a.localeCompare(b)).map(([k, v]) => `${k}="${v}"`).join(",");
+}
+function createCounter(name, help) {
+  const data = {
+    name,
+    type: "counter",
+    help,
+    values: /* @__PURE__ */ new Map()
+  };
+  metrics.set(name, data);
+  return {
+    inc(labels, value = 1) {
+      const key = labelsToKey(labels);
+      const current = data.values.get(key) || 0;
+      data.values.set(key, current + value);
+    }
+  };
+}
+function createGauge(name, help) {
+  const data = {
+    name,
+    type: "gauge",
+    help,
+    values: /* @__PURE__ */ new Map()
+  };
+  metrics.set(name, data);
+  return {
+    set(labels, value) {
+      const key = labelsToKey(labels);
+      data.values.set(key, value);
+    },
+    inc(labels, value = 1) {
+      const key = labelsToKey(labels);
+      const current = data.values.get(key) || 0;
+      data.values.set(key, current + value);
+    },
+    dec(labels, value = 1) {
+      const key = labelsToKey(labels);
+      const current = data.values.get(key) || 0;
+      data.values.set(key, current - value);
+    }
+  };
+}
+function createHistogram(name, help, buckets = [5e-3, 0.01, 0.025, 0.05, 0.1, 0.25, 0.5, 1, 2.5, 5, 10]) {
+  const data = {
+    name,
+    type: "histogram",
+    help,
+    values: /* @__PURE__ */ new Map(),
+    buckets
+  };
+  metrics.set(name, data);
+  return {
+    observe(labels, value) {
+      const baseKey = labelsToKey(labels);
+      const sumKey = `${baseKey}|sum`;
+      const countKey = `${baseKey}|count`;
+      data.values.set(sumKey, (data.values.get(sumKey) || 0) + value);
+      data.values.set(countKey, (data.values.get(countKey) || 0) + 1);
+      for (const bucket of buckets) {
+        const bucketKey = `${baseKey}|le="${bucket}"`;
+        if (value <= bucket) {
+          data.values.set(bucketKey, (data.values.get(bucketKey) || 0) + 1);
+        }
+      }
+      const infKey = `${baseKey}|le="+Inf"`;
+      data.values.set(infKey, (data.values.get(infKey) || 0) + 1);
+    }
+  };
+}
+var httpRequestsTotal = createCounter("mtaap_http_requests_total", "Total number of HTTP requests");
+var httpRequestDuration = createHistogram("mtaap_http_request_duration_seconds", "HTTP request duration in seconds");
+var activeUsers = createGauge("mtaap_active_users", "Number of active users");
+var tasksTotal = createCounter("mtaap_tasks_total", "Total number of tasks by state");
+var taskStateChanges = createCounter("mtaap_task_state_changes_total", "Total number of task state changes");
+var httpErrorsTotal = createCounter("mtaap_http_errors_total", "Total number of HTTP errors");
+var httpActiveConnections = createGauge("mtaap_http_active_connections", "Number of active HTTP connections");
+var newSignupsTotal = createCounter("mtaap_new_signups_total", "Total number of new user signups");
+var loginSuccessTotal = createCounter("mtaap_login_success_total", "Total number of successful logins");
+var loginFailureTotal = createCounter("mtaap_login_failure_total", "Total number of failed logins");
+var dbConnectionPoolActive = createGauge("mtaap_db_connection_pool_active", "Number of active database connections");
+var dbConnectionPoolIdle = createGauge("mtaap_db_connection_pool_idle", "Number of idle database connections");
+var dbConnectionPoolMax = createGauge("mtaap_db_connection_pool_max", "Maximum number of database connections");
+var dbQueryDuration = createHistogram("mtaap_db_query_duration_seconds", "Database query duration in seconds");
+var dbSlowQueriesTotal = createCounter("mtaap_db_slow_queries_total", "Total number of slow database queries (>1s)");
+var dbErrorsTotal = createCounter("mtaap_db_errors_total", "Total number of database errors");
+var tasksCreatedTotal = createCounter("mtaap_tasks_created_total", "Total number of tasks created");
+var tasksAssignedTotal = createCounter("mtaap_tasks_assigned_total", "Total number of tasks assigned");
+var tasksCompletedTotal = createCounter("mtaap_tasks_completed_total", "Total number of tasks completed");
+var tasksByState = createGauge("mtaap_tasks_by_state", "Number of tasks by state");
+
+// ../../packages/core/dist/logging/performance-monitor.js
+var MAX_SAMPLES = 1e3;
+var ALERT_COOLDOWN_MS = 5 * 60 * 1e3;
+var DEFAULT_THRESHOLDS = {
+  api: {
+    p50: 100,
+    p95: 500,
+    p99: 1e3
+  },
+  db: {
+    p95: 100,
+    p99: 500
+  },
+  webvitals: {
+    FCP: 2e3,
+    LCP: 2500,
+    FID: 100,
+    CLS: 0.1
+  }
+};
+function cloneThresholds() {
+  return Object.fromEntries(Object.entries(DEFAULT_THRESHOLDS).map(([category, metrics2]) => [
+    category,
+    { ...metrics2 }
+  ]));
+}
+function labelsToKey2(labels) {
+  if (!labels || Object.keys(labels).length === 0)
+    return "";
+  return Object.entries(labels).sort(([a], [b]) => a.localeCompare(b)).map(([key, value]) => `${key}="${value}"`).join(",");
+}
+function percentile(sortedValues, percentileValue) {
+  if (sortedValues.length === 0)
+    return 0;
+  const rank = Math.ceil(percentileValue / 100 * sortedValues.length);
+  const index = Math.min(Math.max(rank - 1, 0), sortedValues.length - 1);
+  return sortedValues[index];
+}
+var CircularBuffer = class {
+  capacity;
+  values = [];
+  index = 0;
+  size = 0;
+  constructor(capacity) {
+    this.capacity = capacity;
+  }
+  add(value) {
+    if (this.size < this.capacity) {
+      this.values.push(value);
+      this.size += 1;
+      this.index = this.size % this.capacity;
+      return;
+    }
+    this.values[this.index] = value;
+    this.index = (this.index + 1) % this.capacity;
+  }
+  getValues() {
+    if (this.size < this.capacity) {
+      return this.values.slice(0, this.size);
+    }
+    return this.values.slice();
+  }
+};
+var PerformanceMonitor = class {
+  samples = /* @__PURE__ */ new Map();
+  thresholds = cloneThresholds();
+  alertCallback;
+  lastAlertTimestamps = /* @__PURE__ */ new Map();
+  recordTiming(category, name, durationMs, labels) {
+    if (!Number.isFinite(durationMs))
+      return;
+    const categoryMap = this.getCategoryMap(category);
+    const nameMap = this.getNameMap(categoryMap, name);
+    const labelKey = labelsToKey2(labels);
+    const buffer = nameMap.get(labelKey) ?? new CircularBuffer(MAX_SAMPLES);
+    buffer.add(durationMs);
+    nameMap.set(labelKey, buffer);
+  }
+  getPercentiles(category, name) {
+    const samples = this.collectSamples(category, name);
+    if (samples.length === 0) {
+      return { p50: 0, p95: 0, p99: 0 };
+    }
+    const sorted = [...samples].sort((a, b) => a - b);
+    return {
+      p50: percentile(sorted, 50),
+      p95: percentile(sorted, 95),
+      p99: percentile(sorted, 99)
+    };
+  }
+  checkThresholds() {
+    const alerts = [];
+    const now = Date.now();
+    const callbackAlerts = [];
+    for (const [category, nameMap] of this.samples) {
+      const thresholds = this.thresholds[category];
+      if (!thresholds)
+        continue;
+      for (const name of nameMap.keys()) {
+        const percentiles = this.getPercentiles(category, name);
+        for (const [metric, threshold] of Object.entries(thresholds)) {
+          const value = this.resolveMetricValue(metric, name, percentiles);
+          if (value === void 0 || value <= threshold)
+            continue;
+          const alert = {
+            category,
+            name,
+            metric,
+            value,
+            threshold
+          };
+          alerts.push(alert);
+          const alertKey = `${category}|${name}|${metric}`;
+          const lastAlertTime = this.lastAlertTimestamps.get(alertKey);
+          if (!lastAlertTime || now - lastAlertTime >= ALERT_COOLDOWN_MS) {
+            this.lastAlertTimestamps.set(alertKey, now);
+            callbackAlerts.push(alert);
+          }
+        }
+      }
+    }
+    if (callbackAlerts.length > 0 && this.alertCallback) {
+      this.alertCallback(callbackAlerts);
+    }
+    return alerts;
+  }
+  setAlertCallback(callback) {
+    this.alertCallback = callback;
+  }
+  setThreshold(category, metric, value) {
+    if (!this.thresholds[category]) {
+      this.thresholds[category] = {};
+    }
+    this.thresholds[category][metric] = value;
+  }
+  collectSamples(category, name) {
+    const categoryMap = this.samples.get(category);
+    if (!categoryMap)
+      return [];
+    const entries = name ? [[name, categoryMap.get(name)]] : Array.from(categoryMap.entries());
+    const samples = [];
+    for (const [, labelMap] of entries) {
+      if (!labelMap)
+        continue;
+      for (const buffer of labelMap.values()) {
+        samples.push(...buffer.getValues());
+      }
+    }
+    return samples;
+  }
+  resolveMetricValue(metric, name, percentiles) {
+    if (metric === "p50")
+      return percentiles.p50;
+    if (metric === "p95")
+      return percentiles.p95;
+    if (metric === "p99")
+      return percentiles.p99;
+    if (metric === name)
+      return percentiles.p95;
+    return void 0;
+  }
+  getCategoryMap(category) {
+    const existing = this.samples.get(category);
+    if (existing)
+      return existing;
+    const created = /* @__PURE__ */ new Map();
+    this.samples.set(category, created);
+    return created;
+  }
+  getNameMap(categoryMap, name) {
+    const existing = categoryMap.get(name);
+    if (existing)
+      return existing;
+    const created = /* @__PURE__ */ new Map();
+    categoryMap.set(name, created);
+    return created;
+  }
+};
+var defaultMonitor = new PerformanceMonitor();
+
+// ../../packages/core/dist/logging/error-tracker.js
+var NoOpErrorTracker = class {
+  captureError(error, context) {
+    console.error("Error captured:", error.message, context);
+  }
+  captureException(error, context) {
+    console.error("Exception captured:", error, context);
+  }
+  captureMessage(message, level, context) {
+    console[level === "warning" ? "warn" : level](`Message captured [${level}]:`, message, context);
+  }
+  setUser(user) {
+    console.log("User set:", user);
+  }
+  clearUser() {
+    console.log("User cleared");
+  }
+};
+var errorTrackerInstance = new NoOpErrorTracker();
+
+// src/api-client.ts
+var DEFAULT_TIMEOUT = 3e4;
+var ApiError = class extends Error {
+  constructor(message, code, status, details) {
+    super(message);
+    this.code = code;
+    this.status = status;
+    this.details = details;
+    this.name = "ApiError";
+  }
+};
+var MCPApiClient = class {
+  baseUrl;
+  apiKey;
+  timeout;
+  debug;
+  authContext = null;
+  constructor(config2) {
+    this.baseUrl = config2.baseUrl.replace(/\/$/, "");
+    this.apiKey = config2.apiKey;
+    this.timeout = config2.timeout ?? DEFAULT_TIMEOUT;
+    this.debug = config2.debug ?? false;
+  }
+  /**
+   * Make an HTTP request to the API
+   */
+  async request(method, path, body) {
+    const url = `${this.baseUrl}${path}`;
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), this.timeout);
+    if (this.debug) {
+      console.error(`[mcp-api] ${method} ${url}`);
+    }
+    try {
+      const response = await fetch(url, {
+        method,
+        headers: {
+          "Content-Type": "application/json",
+          "X-API-Key": this.apiKey
+        },
+        body: body ? JSON.stringify(body) : void 0,
+        signal: controller.signal
+      });
+      clearTimeout(timeoutId);
+      const data = await response.json();
+      if (!response.ok) {
+        throw new ApiError(
+          data.error || "API request failed",
+          data.code || "UNKNOWN_ERROR",
+          response.status,
+          data.details
+        );
+      }
+      return data;
+    } catch (error) {
+      clearTimeout(timeoutId);
+      if (error instanceof ApiError) {
+        throw error;
+      }
+      if (error instanceof Error && error.name === "AbortError") {
+        throw new ApiError(
+          "Request timed out",
+          "TIMEOUT",
+          408
+        );
+      }
+      throw new ApiError(
+        error instanceof Error ? error.message : "Unknown error",
+        "NETWORK_ERROR",
+        0
+      );
+    }
+  }
+  /**
+   * Authenticate and get user context
+   */
+  async authenticate() {
+    const context = await this.request("GET", "/api/mcp/auth");
+    this.authContext = context;
+    return context;
+  }
+  /**
+   * Get cached auth context or authenticate
+   */
+  async getAuthContext() {
+    if (this.authContext) {
+      return this.authContext;
+    }
+    return this.authenticate();
+  }
+  /**
+   * List accessible projects
+   */
+  async listProjects(workspaceType = "ALL") {
+    return this.request(
+      "GET",
+      `/api/mcp/projects?workspaceType=${encodeURIComponent(workspaceType)}`
+    );
+  }
+  /**
+   * Get single project details
+   */
+  async getProject(projectId) {
+    return this.request("GET", `/api/mcp/projects/${projectId}`);
+  }
+  /**
+   * Get project context (README, stack, conventions)
+   */
+  async getProjectContext(projectId) {
+    return this.request(
+      "GET",
+      `/api/mcp/projects/${projectId}/context`
+    );
+  }
+  /**
+   * Create a personal project
+   */
+  async createPersonalProject(name, description, repositoryUrl) {
+    return this.request(
+      "POST",
+      "/api/mcp/projects/personal",
+      { name, description, repositoryUrl }
+    );
+  }
+  /**
+   * List tasks with optional filters
+   */
+  async listTasks(filters = {}) {
+    const params = new URLSearchParams();
+    if (filters.projectId) params.set("projectId", filters.projectId);
+    if (filters.state) params.set("state", filters.state);
+    if (filters.assigneeId) params.set("assigneeId", filters.assigneeId);
+    const queryString = params.toString();
+    const path = queryString ? `/api/mcp/tasks?${queryString}` : "/api/mcp/tasks";
+    return this.request("GET", path);
+  }
+  /**
+   * Get full task details
+   */
+  async getTask(taskId) {
+    return this.request("GET", `/api/mcp/tasks/${taskId}`);
+  }
+  /**
+   * Assign task to current user and create branch
+   */
+  async assignTask(taskId, projectId, expectedState = TaskState.READY) {
+    return this.request("POST", `/api/mcp/tasks/${taskId}/assign`, {
+      projectId,
+      expectedState
+    });
+  }
+  /**
+   * Update task progress
+   */
+  async updateProgress(taskId, data) {
+    return this.request("POST", `/api/mcp/tasks/${taskId}/progress`, data);
+  }
+  /**
+   * Complete task and create PR
+   */
+  async completeTask(taskId, projectId, pullRequestTitle, pullRequestBody) {
+    return this.request("POST", `/api/mcp/tasks/${taskId}/complete`, {
+      projectId,
+      pullRequestTitle,
+      pullRequestBody
+    });
+  }
+  /**
+   * Abandon task and optionally delete branch
+   */
+  async abandonTask(taskId, projectId, deleteBranch = false) {
+    return this.request("POST", `/api/mcp/tasks/${taskId}/abandon`, {
+      projectId,
+      deleteBranch
+    });
+  }
+  /**
+   * Report task error
+   */
+  async reportError(taskId, errorType, errorMessage, context) {
+    return this.request("POST", `/api/mcp/tasks/${taskId}/error`, {
+      errorType,
+      errorMessage,
+      context
+    });
+  }
+  /**
+   * Add note to task
+   */
+  async addNote(taskId, content) {
+    return this.request("POST", `/api/mcp/tasks/${taskId}/notes`, { content });
+  }
+  /**
+   * Get GitHub token
+   */
+  async getGitHubToken(organizationId) {
+    const path = organizationId ? `/api/mcp/github-token?organizationId=${encodeURIComponent(organizationId)}` : "/api/mcp/github-token";
+    return this.request("GET", path);
+  }
+};
+function createApiClientFromEnv() {
+  const baseUrl = process.env.MTAAP_BASE_URL;
+  const apiKey = process.env.MTAAP_API_KEY;
+  if (!baseUrl) {
+    throw new Error("MTAAP_BASE_URL environment variable is required");
+  }
+  if (!apiKey) {
+    throw new Error("MTAAP_API_KEY environment variable is required");
+  }
+  return new MCPApiClient({
+    baseUrl,
+    apiKey,
+    debug: process.env.MTAAP_DEBUG === "true"
+  });
+}
+
+// src/permissions.ts
+var PERMISSION_RANK = {
+  READ: 1,
+  WRITE: 2,
+  ADMIN: 3
+};
+function assertApiKeyPermission(apiKey, required, toolName) {
+  const actualRank = PERMISSION_RANK[apiKey.permissions] ?? 0;
+  const requiredRank = PERMISSION_RANK[required] ?? 0;
+  if (actualRank >= requiredRank) {
+    return;
+  }
+  console.warn("API key permission violation", {
+    keyId: apiKey.id,
+    requiredPermission: required,
+    actualPermission: apiKey.permissions,
+    tool: toolName
+  });
+  const error = new Error(
+    `API key lacks required permissions (required: ${required})`
+  );
+  error.status = 403;
+  throw error;
+}
+
+// src/index.ts
+async function createMCPServer() {
+  const server = new import_mcp.McpServer({
+    name: "mtaap",
+    version: VERSION
+  });
+  const apiClient = createApiClientFromEnv();
+  let authContext;
+  try {
+    authContext = await apiClient.authenticate();
+  } catch (error) {
+    if (error instanceof ApiError) {
+      throw new Error(`Authentication failed: ${error.message}`);
+    }
+    throw error;
+  }
+  const mockApiKey = {
+    permissions: authContext.permissions.includes("ADMIN") ? ApiKeyPermission.ADMIN : authContext.permissions.includes("WRITE") ? ApiKeyPermission.WRITE : ApiKeyPermission.READ
+  };
+  server.registerTool(
+    "list_projects",
+    {
+      description: "List accessible projects (personal + team via tags)"
+    },
+    async (args) => {
+      assertApiKeyPermission(
+        mockApiKey,
+        ApiKeyPermission.READ,
+        "list_projects"
+      );
+      const validated = ListProjectsInputSchema.parse(args);
+      try {
+        const projects = await apiClient.listProjects(validated.workspaceType);
+        return {
+          content: [
+            {
+              type: "text",
+              text: JSON.stringify(projects, null, 2)
+            }
+          ]
+        };
+      } catch (error) {
+        return handleApiError(error);
+      }
+    }
+  );
+  server.registerTool(
+    "list_tasks",
+    {
+      description: "Returns available tasks (filterable by project, state)"
+    },
+    async (args) => {
+      assertApiKeyPermission(mockApiKey, ApiKeyPermission.READ, "list_tasks");
+      const validated = ListTasksInputSchema.parse(args);
+      try {
+        const tasks = await apiClient.listTasks({
+          projectId: validated.projectId,
+          state: validated.state,
+          assigneeId: validated.assigneeId
+        });
+        return {
+          content: [
+            {
+              type: "text",
+              text: JSON.stringify(tasks, null, 2)
+            }
+          ]
+        };
+      } catch (error) {
+        return handleApiError(error);
+      }
+    }
+  );
+  server.registerTool(
+    "get_task",
+    {
+      description: "Full task details including acceptance criteria"
+    },
+    async (args) => {
+      assertApiKeyPermission(mockApiKey, ApiKeyPermission.READ, "get_task");
+      const validated = GetTaskInputSchema.parse(args);
+      try {
+        const task = await apiClient.getTask(validated.taskId);
+        return {
+          content: [
+            {
+              type: "text",
+              text: JSON.stringify(task, null, 2)
+            }
+          ]
+        };
+      } catch (error) {
+        return handleApiError(error);
+      }
+    }
+  );
+  server.registerTool(
+    "assign_task",
+    {
+      description: "Atomic claim - creates branch. Fails if already taken."
+    },
+    async (args) => {
+      assertApiKeyPermission(
+        mockApiKey,
+        ApiKeyPermission.WRITE,
+        "assign_task"
+      );
+      const validated = AssignTaskInputSchema.parse(args);
+      try {
+        const result = await apiClient.assignTask(
+          validated.taskId,
+          validated.projectId,
+          validated.expectedState
+        );
+        return {
+          content: [
+            {
+              type: "text",
+              text: JSON.stringify(result, null, 2)
+            }
+          ]
+        };
+      } catch (error) {
+        return handleApiError(error);
+      }
+    }
+  );
+  server.registerTool(
+    "update_progress",
+    {
+      description: "Reports status, updates checkboxes, writes checkpoint"
+    },
+    async (args) => {
+      assertApiKeyPermission(
+        mockApiKey,
+        ApiKeyPermission.WRITE,
+        "update_progress"
+      );
+      const validated = UpdateProgressInputSchema.parse(args);
+      try {
+        const result = await apiClient.updateProgress(validated.taskId, {
+          statusMessage: validated.statusMessage,
+          completedCheckpointIds: validated.completedCheckpointIds,
+          currentCheckpointIndex: validated.currentCheckpointIndex
+        });
+        return {
+          content: [
+            {
+              type: "text",
+              text: JSON.stringify(result, null, 2)
+            }
+          ]
+        };
+      } catch (error) {
+        return handleApiError(error);
+      }
+    }
+  );
+  server.registerTool(
+    "complete_task",
+    {
+      description: "Marks complete, triggers PR, deletes local state file"
+    },
+    async (args) => {
+      assertApiKeyPermission(
+        mockApiKey,
+        ApiKeyPermission.WRITE,
+        "complete_task"
+      );
+      const validated = CompleteTaskInputSchema.parse(args);
+      try {
+        const result = await apiClient.completeTask(
+          validated.taskId,
+          validated.projectId,
+          validated.pullRequestTitle,
+          validated.pullRequestBody
+        );
+        return {
+          content: [
+            {
+              type: "text",
+              text: JSON.stringify(result, null, 2)
+            }
+          ]
+        };
+      } catch (error) {
+        return handleApiError(error);
+      }
+    }
+  );
+  server.registerTool(
+    "check_active_task",
+    {
+      description: "Check for resumable task in .mtaap/active-task.json"
+    },
+    async () => {
+      assertApiKeyPermission(
+        mockApiKey,
+        ApiKeyPermission.READ,
+        "check_active_task"
+      );
+      const result = await checkActiveTask();
+      return {
+        content: [
+          {
+            type: "text",
+            text: JSON.stringify(result, null, 2)
+          }
+        ]
+      };
+    }
+  );
+  server.registerTool(
+    "report_error",
+    {
+      description: "Report unrecoverable error, displays on task in webapp"
+    },
+    async (args) => {
+      assertApiKeyPermission(
+        mockApiKey,
+        ApiKeyPermission.WRITE,
+        "report_error"
+      );
+      const validated = ReportErrorInputSchema.parse(args);
+      try {
+        const result = await apiClient.reportError(
+          validated.taskId,
+          validated.errorType,
+          validated.errorMessage,
+          validated.context
+        );
+        return {
+          content: [
+            {
+              type: "text",
+              text: JSON.stringify(result, null, 2)
+            }
+          ]
+        };
+      } catch (error) {
+        return handleApiError(error);
+      }
+    }
+  );
+  server.registerTool(
+    "get_project_context",
+    {
+      description: "Returns assembled context (README, stack, conventions)"
+    },
+    async (args) => {
+      assertApiKeyPermission(
+        mockApiKey,
+        ApiKeyPermission.READ,
+        "get_project_context"
+      );
+      const validated = GetProjectContextInputSchema.parse(args);
+      try {
+        const context = await apiClient.getProjectContext(validated.projectId);
+        return {
+          content: [
+            {
+              type: "text",
+              text: JSON.stringify(context, null, 2)
+            }
+          ]
+        };
+      } catch (error) {
+        return handleApiError(error);
+      }
+    }
+  );
+  server.registerTool(
+    "add_note",
+    {
+      description: "Append implementation notes to task"
+    },
+    async (args) => {
+      assertApiKeyPermission(mockApiKey, ApiKeyPermission.WRITE, "add_note");
+      const validated = AddNoteInputSchema.parse(args);
+      try {
+        const result = await apiClient.addNote(
+          validated.taskId,
+          validated.content
+        );
+        return {
+          content: [
+            {
+              type: "text",
+              text: JSON.stringify(result, null, 2)
+            }
+          ]
+        };
+      } catch (error) {
+        return handleApiError(error);
+      }
+    }
+  );
+  server.registerTool(
+    "abandon_task",
+    {
+      description: "Unassign from a task and optionally delete the branch"
+    },
+    async (args) => {
+      assertApiKeyPermission(
+        mockApiKey,
+        ApiKeyPermission.WRITE,
+        "abandon_task"
+      );
+      const validated = AbandonTaskInputSchema.parse(args);
+      try {
+        const result = await apiClient.abandonTask(
+          validated.taskId,
+          validated.projectId,
+          validated.deleteBranch
+        );
+        return {
+          content: [
+            {
+              type: "text",
+              text: JSON.stringify(result, null, 2)
+            }
+          ]
+        };
+      } catch (error) {
+        return handleApiError(error);
+      }
+    }
+  );
+  server.registerTool(
+    "create_personal_project",
+    {
+      description: "Create project in user's personal workspace"
+    },
+    async (args) => {
+      assertApiKeyPermission(
+        mockApiKey,
+        ApiKeyPermission.WRITE,
+        "create_personal_project"
+      );
+      const validated = CreatePersonalProjectInputSchema.parse(args);
+      try {
+        const result = await apiClient.createPersonalProject(
+          validated.name,
+          validated.description,
+          validated.repositoryUrl
+        );
+        return {
+          content: [
+            {
+              type: "text",
+              text: JSON.stringify(result, null, 2)
+            }
+          ]
+        };
+      } catch (error) {
+        return handleApiError(error);
+      }
+    }
+  );
+  server.registerTool(
+    "get_version",
+    {
+      description: "Get the current MTAAP version"
+    },
+    async () => {
+      assertApiKeyPermission(mockApiKey, ApiKeyPermission.READ, "get_version");
+      return {
+        content: [
+          {
+            type: "text",
+            text: JSON.stringify(
+              {
+                version: VERSION,
+                timestamp: (/* @__PURE__ */ new Date()).toISOString()
+              },
+              null,
+              2
+            )
+          }
+        ]
+      };
+    }
+  );
+  const transport = new import_stdio.StdioServerTransport();
+  await server.connect(transport);
+}
+function handleApiError(error) {
+  if (error instanceof ApiError) {
+    return {
+      content: [
+        {
+          type: "text",
+          text: JSON.stringify(
+            {
+              error: error.message,
+              code: error.code,
+              status: error.status,
+              details: error.details
+            },
+            null,
+            2
+          )
+        }
+      ],
+      isError: true
+    };
+  }
+  const message = error instanceof Error ? error.message : String(error);
+  return {
+    content: [
+      {
+        type: "text",
+        text: JSON.stringify({ error: message }, null, 2)
+      }
+    ],
+    isError: true
+  };
+}
+async function checkActiveTask() {
+  const fs = await import("fs");
+  const path = await import("path");
+  const activeTaskPath = path.join(process.cwd(), ".mtaap", "active-task.json");
+  try {
+    await fs.promises.access(activeTaskPath);
+    const content = await fs.promises.readFile(activeTaskPath, "utf-8");
+    const activeTask = JSON.parse(content);
+    return {
+      hasActiveTask: true,
+      task: activeTask
+    };
+  } catch {
+    return {
+      hasActiveTask: false,
+      task: null
+    };
+  }
+}
 
 // src/cli.ts
 function validateEnvironment() {
   const errors = [];
-  const warnings = [];
   if (!process.env.MTAAP_API_KEY) {
     errors.push(
-      "MTAAP_API_KEY is required. Generate one at https://app.mtaap.io/settings/api-keys"
+      "MTAAP_API_KEY is required. Generate one at https://collab.mtaap.de/settings/api-keys"
     );
   }
-  if (!process.env.GITHUB_TOKEN) {
-    warnings.push(
-      "GITHUB_TOKEN is not set. Branch creation and PR features will not work."
+  if (!process.env.MTAAP_BASE_URL) {
+    errors.push(
+      "MTAAP_BASE_URL is required. Set to https://collab.mtaap.de for cloud or your self-hosted URL."
     );
   }
-  for (const warning of warnings) {
-    console.error(`[mtaap-mcp] Warning: ${warning}`);
-  }
   if (errors.length > 0) {
     for (const error of errors) {
       console.error(`[mtaap-mcp] Error: ${error}`);
     }
     console.error("\nRequired environment variables:");
-    console.error("  MTAAP_API_KEY    Your MTAAP API key");
-    console.error("\nOptional environment variables:");
-    console.error("  GITHUB_TOKEN     GitHub personal access token for git operations");
+    console.error("  MTAAP_API_KEY     Your MTAAP API key");
+    console.error("  MTAAP_BASE_URL    MTAAP webapp URL (e.g., https://collab.mtaap.de)");
+    console.error("\nExample mcp.json configuration:");
+    console.error(`{
+  "mcpServers": {
+    "mtaap": {
+      "command": "npx",
+      "args": ["@mtaap/mcp"],
+      "env": {
+        "MTAAP_API_KEY": "usr_your_api_key_here",
+        "MTAAP_BASE_URL": "https://collab.mtaap.de"
+      }
+    }
+  }
+}`);
+    process.exit(1);
+  }
+  try {
+    new URL(process.env.MTAAP_BASE_URL);
+  } catch {
+    console.error(`[mtaap-mcp] Error: MTAAP_BASE_URL is not a valid URL: ${process.env.MTAAP_BASE_URL}`);
+    process.exit(1);
+  }
+}
+async function checkConnectivity() {
+  const baseUrl = process.env.MTAAP_BASE_URL;
+  console.error(`[mtaap-mcp] Checking connectivity to ${baseUrl}...`);
+  try {
+    const response = await fetch(`${baseUrl}/api/mcp/auth`, {
+      method: "GET",
+      headers: {
+        "X-API-Key": process.env.MTAAP_API_KEY
+      },
+      signal: AbortSignal.timeout(1e4)
+      // 10 second timeout
+    });
+    if (!response.ok) {
+      const data = await response.json().catch(() => ({}));
+      if (response.status === 401) {
+        console.error("[mtaap-mcp] Error: Invalid or expired API key");
+        process.exit(1);
+      }
+      console.error(`[mtaap-mcp] Error: API returned ${response.status}: ${data.error || "Unknown error"}`);
+      process.exit(1);
+    }
+    console.error("[mtaap-mcp] Connected successfully");
+  } catch (error) {
+    if (error instanceof Error && error.name === "TimeoutError") {
+      console.error(`[mtaap-mcp] Error: Connection timed out to ${baseUrl}`);
+    } else {
+      console.error(`[mtaap-mcp] Error: Could not connect to ${baseUrl}`);
+      console.error(`[mtaap-mcp] Details: ${error instanceof Error ? error.message : String(error)}`);
+    }
     process.exit(1);
   }
 }
 async function main() {
   console.error("[mtaap-mcp] Starting MTAAP MCP server...");
   validateEnvironment();
+  await checkConnectivity();
   try {
     await createMCPServer();
     console.error("[mtaap-mcp] Server started successfully");