@n24q02m/mcp-relay-server 0.1.0

package/build/app.d.ts

@@ -0,0 +1,3 @@
+import express from 'express';
+export declare function createApp(): express.Express;
+//# sourceMappingURL=app.d.ts.map

package/build/app.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"app.d.ts","sourceRoot":"","sources":["../src/app.ts"],"names":[],"mappings":"AACA,OAAO,OAAO,MAAM,SAAS,CAAA;AAI7B,wBAAgB,SAAS,IAAI,OAAO,CAAC,OAAO,CAgB3C"}

package/build/app.js

@@ -0,0 +1,18 @@
+import cors from 'cors';
+import express from 'express';
+import { rateLimiter } from './middleware/rate-limit.js';
+import { sessionsRouter } from './routes/sessions.js';
+export function createApp() {
+    const app = express();
+    const corsOrigin = process.env.CORS_ORIGIN ?? '*';
+    app.use(cors({ origin: corsOrigin }));
+    app.use(express.json({ limit: '1mb' }));
+    app.use(rateLimiter);
+    app.use('/api/sessions', sessionsRouter);
+    const pagesDir = process.env.PAGES_DIR;
+    if (pagesDir) {
+        app.use(express.static(pagesDir));
+    }
+    return app;
+}
+//# sourceMappingURL=app.js.map

package/build/app.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"app.js","sourceRoot":"","sources":["../src/app.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,MAAM,CAAA;AACvB,OAAO,OAAO,MAAM,SAAS,CAAA;AAC7B,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAErD,MAAM,UAAU,SAAS;IACvB,MAAM,GAAG,GAAG,OAAO,EAAE,CAAA;IAErB,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,GAAG,CAAA;IACjD,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC,CAAC,CAAA;IACrC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC,CAAA;IACvC,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;IAEpB,GAAG,CAAC,GAAG,CAAC,eAAe,EAAE,cAAc,CAAC,CAAA;IAExC,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAA;IACtC,IAAI,QAAQ,EAAE,CAAC;QACb,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAA;IACnC,CAAC;IAED,OAAO,GAAG,CAAA;AACZ,CAAC"}

package/build/index.d.ts

@@ -0,0 +1,3 @@
+export { createApp } from './app.js';
+export { startLocalRelay } from './local.js';
+//# sourceMappingURL=index.d.ts.map

package/build/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAA;AACpC,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAA"}

package/build/index.js

@@ -0,0 +1,11 @@
+import { createApp } from './app.js';
+import { startCleanup } from './store.js';
+export { createApp } from './app.js';
+export { startLocalRelay } from './local.js';
+const port = Number.parseInt(process.env.PORT ?? '3000', 10);
+const app = createApp();
+startCleanup();
+app.listen(port, () => {
+    console.log(`Relay server listening on port ${port}`);
+});
+//# sourceMappingURL=index.js.map

package/build/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAA;AACpC,OAAO,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA;AAEzC,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAA;AACpC,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAA;AAE5C,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,MAAM,EAAE,EAAE,CAAC,CAAA;AAC5D,MAAM,GAAG,GAAG,SAAS,EAAE,CAAA;AAEvB,YAAY,EAAE,CAAA;AAEd,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,EAAE;IACpB,OAAO,CAAC,GAAG,CAAC,kCAAkC,IAAI,EAAE,CAAC,CAAA;AACvD,CAAC,CAAC,CAAA"}

package/build/local.d.ts

@@ -0,0 +1,6 @@
+export declare function startLocalRelay(pagesDir: string): Promise<{
+    port: number;
+    url: string;
+    close: () => void;
+}>;
+//# sourceMappingURL=local.d.ts.map

package/build/local.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"local.d.ts","sourceRoot":"","sources":["../src/local.ts"],"names":[],"mappings":"AAIA,wBAAsB,eAAe,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,GAAG,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,IAAI,CAAA;CAAE,CAAC,CAcjH"}

package/build/local.js

@@ -0,0 +1,17 @@
+import express from 'express';
+import { createApp } from './app.js';
+export async function startLocalRelay(pagesDir) {
+    const app = createApp();
+    app.use(express.static(pagesDir));
+    return new Promise((resolve) => {
+        const server = app.listen(0, () => {
+            const addr = server.address();
+            resolve({
+                port: addr.port,
+                url: `http://localhost:${addr.port}`,
+                close: () => server.close()
+            });
+        });
+    });
+}
+//# sourceMappingURL=local.js.map

package/build/local.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"local.js","sourceRoot":"","sources":["../src/local.ts"],"names":[],"mappings":"AACA,OAAO,OAAO,MAAM,SAAS,CAAA;AAC7B,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAA;AAEpC,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,QAAgB;IACpD,MAAM,GAAG,GAAG,SAAS,EAAE,CAAA;IACvB,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAA;IAEjC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,GAAG,EAAE;YAChC,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,EAAiB,CAAA;YAC5C,OAAO,CAAC;gBACN,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,GAAG,EAAE,oBAAoB,IAAI,CAAC,IAAI,EAAE;gBACpC,KAAK,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,KAAK,EAAE;aAC5B,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;AACJ,CAAC"}

package/build/middleware/rate-limit.d.ts

@@ -0,0 +1,2 @@
+export declare const rateLimiter: import("express-rate-limit").RateLimitRequestHandler;
+//# sourceMappingURL=rate-limit.d.ts.map

package/build/middleware/rate-limit.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limit.d.ts","sourceRoot":"","sources":["../../src/middleware/rate-limit.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,WAAW,sDAMtB,CAAA"}

package/build/middleware/rate-limit.js

@@ -0,0 +1,9 @@
+import rateLimit from 'express-rate-limit';
+export const rateLimiter = rateLimit({
+    windowMs: 60 * 1000, // 1 minute
+    limit: 30,
+    standardHeaders: 'draft-7',
+    legacyHeaders: false,
+    message: { error: 'Too many requests, please try again later' }
+});
+//# sourceMappingURL=rate-limit.js.map

package/build/middleware/rate-limit.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limit.js","sourceRoot":"","sources":["../../src/middleware/rate-limit.ts"],"names":[],"mappings":"AAAA,OAAO,SAAS,MAAM,oBAAoB,CAAA;AAE1C,MAAM,CAAC,MAAM,WAAW,GAAG,SAAS,CAAC;IACnC,QAAQ,EAAE,EAAE,GAAG,IAAI,EAAE,WAAW;IAChC,KAAK,EAAE,EAAE;IACT,eAAe,EAAE,SAAS;IAC1B,aAAa,EAAE,KAAK;IACpB,OAAO,EAAE,EAAE,KAAK,EAAE,2CAA2C,EAAE;CAChE,CAAC,CAAA"}

package/build/routes/sessions.d.ts

@@ -0,0 +1,3 @@
+import { Router } from 'express';
+export declare const sessionsRouter: ReturnType<typeof Router>;
+//# sourceMappingURL=sessions.d.ts.map

package/build/routes/sessions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sessions.d.ts","sourceRoot":"","sources":["../../src/routes/sessions.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAA;AAQhC,eAAO,MAAM,cAAc,EAAE,UAAU,CAAC,OAAO,MAAM,CAAY,CAAA"}

package/build/routes/sessions.js

@@ -0,0 +1,58 @@
+import { Router } from 'express';
+import { createSession, deleteSession, getSession, setSessionResult } from '../store.js';
+function paramId(req) {
+    const id = req.params.id;
+    return Array.isArray(id) ? id[0] : id;
+}
+export const sessionsRouter = Router();
+sessionsRouter.post('/', (req, res) => {
+    const { sessionId, serverName, schema } = req.body;
+    if (!sessionId || !serverName) {
+        res.status(400).json({ error: 'sessionId and serverName are required' });
+        return;
+    }
+    const sourceIp = req.ip ?? req.socket.remoteAddress ?? 'unknown';
+    const session = createSession(sessionId, serverName, schema, sourceIp);
+    if (!session) {
+        res.status(429).json({ error: 'Too many active sessions for this IP' });
+        return;
+    }
+    res.status(201).json({ sessionId: session.id });
+});
+sessionsRouter.get('/:id', (req, res) => {
+    const session = getSession(paramId(req));
+    if (!session) {
+        res.status(404).json({ error: 'Session not found or expired' });
+        return;
+    }
+    if (session.result === null) {
+        res
+            .status(202)
+            .json({ status: 'pending', sessionId: session.id, serverName: session.serverName, schema: session.schema });
+        return;
+    }
+    res.status(200).json({ status: 'ready', result: session.result });
+});
+sessionsRouter.post('/:id/result', (req, res) => {
+    const { browserPub, ciphertext, iv, tag } = req.body;
+    if (!browserPub || !ciphertext || !iv || !tag) {
+        res.status(400).json({ error: 'browserPub, ciphertext, iv, and tag are required' });
+        return;
+    }
+    const session = getSession(paramId(req));
+    if (!session) {
+        res.status(404).json({ error: 'Session not found or expired' });
+        return;
+    }
+    const success = setSessionResult(paramId(req), { browserPub, ciphertext, iv, tag });
+    if (!success) {
+        res.status(409).json({ error: 'Result already submitted' });
+        return;
+    }
+    res.status(200).json({ ok: true });
+});
+sessionsRouter.delete('/:id', (req, res) => {
+    deleteSession(paramId(req));
+    res.status(204).send();
+});
+//# sourceMappingURL=sessions.js.map

package/build/routes/sessions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sessions.js","sourceRoot":"","sources":["../../src/routes/sessions.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAA;AAChC,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,UAAU,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAA;AAExF,SAAS,OAAO,CAAC,GAAY;IAC3B,MAAM,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAA;IACxB,OAAO,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;AACvC,CAAC;AAED,MAAM,CAAC,MAAM,cAAc,GAA8B,MAAM,EAAE,CAAA;AAEjE,cAAc,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;IACvD,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC,IAI7C,CAAA;IAED,IAAI,CAAC,SAAS,IAAI,CAAC,UAAU,EAAE,CAAC;QAC9B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,uCAAuC,EAAE,CAAC,CAAA;QACxE,OAAM;IACR,CAAC;IAED,MAAM,QAAQ,GAAG,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,MAAM,CAAC,aAAa,IAAI,SAAS,CAAA;IAChE,MAAM,OAAO,GAAG,aAAa,CAAC,SAAS,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAA;IAEtE,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,sCAAsC,EAAE,CAAC,CAAA;QACvE,OAAM;IACR,CAAC;IAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC,CAAA;AACjD,CAAC,CAAC,CAAA;AAEF,cAAc,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;IACzD,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAA;IAExC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,8BAA8B,EAAE,CAAC,CAAA;QAC/D,OAAM;IACR,CAAC;IAED,IAAI,OAAO,CAAC,MAAM,KAAK,IAAI,EAAE,CAAC;QAC5B,GAAG;aACA,MAAM,CAAC,GAAG,CAAC;aACX,IAAI,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,OAAO,CAAC,EAAE,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAA;QAC7G,OAAM;IACR,CAAC;IAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAA;AACnE,CAAC,CAAC,CAAA;AAEF,cAAc,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;IACjE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,IAK/C,CAAA;IAED,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,IAAI,CAAC,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC;QAC9C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,kDAAkD,EAAE,CAAC,CAAA;QACnF,OAAM;IACR,CAAC;IAED,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAA;IACxC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,8BAA8B,EAAE,CAAC,CAAA;QAC/D,OAAM;IACR,CAAC;IAED,MAAM,OAAO,GAAG,gBAAgB,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,EAAE,UAAU,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;IACnF,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,0BAA0B,EAAE,CAAC,CAAA;QAC3D,OAAM;IACR,CAAC;IAED,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;AACpC,CAAC,CAAC,CAAA;AAEF,cAAc,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAY,EAAE,GAAa,EAAE,EAAE;IAC5D,aAAa,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAA;IAC3B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAA;AACxB,CAAC,CAAC,CAAA"}

package/build/store.d.ts

@@ -0,0 +1,22 @@
+export interface SessionResult {
+    browserPub: string;
+    ciphertext: string;
+    iv: string;
+    tag: string;
+}
+export interface Session {
+    id: string;
+    serverName: string;
+    schema: unknown;
+    result: SessionResult | null;
+    createdAt: number;
+    sourceIp: string;
+}
+export declare function getSession(id: string): Session | undefined;
+export declare function createSession(id: string, serverName: string, schema: unknown, sourceIp: string): Session | null;
+export declare function setSessionResult(id: string, result: SessionResult): boolean;
+export declare function deleteSession(id: string): boolean;
+export declare function startCleanup(): void;
+export declare function stopCleanup(): void;
+export declare function clearAllSessions(): void;
+//# sourceMappingURL=store.d.ts.map

package/build/store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"store.d.ts","sourceRoot":"","sources":["../src/store.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,MAAM,CAAA;IAClB,UAAU,EAAE,MAAM,CAAA;IAClB,EAAE,EAAE,MAAM,CAAA;IACV,GAAG,EAAE,MAAM,CAAA;CACZ;AAED,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAA;IACV,UAAU,EAAE,MAAM,CAAA;IAClB,MAAM,EAAE,OAAO,CAAA;IACf,MAAM,EAAE,aAAa,GAAG,IAAI,CAAA;IAC5B,SAAS,EAAE,MAAM,CAAA;IACjB,QAAQ,EAAE,MAAM,CAAA;CACjB;AASD,wBAAgB,UAAU,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,GAAG,SAAS,CAO1D;AAED,wBAAgB,aAAa,CAAC,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,GAAG,IAAI,CAgB/G;AAED,wBAAgB,gBAAgB,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,GAAG,OAAO,CAM3E;AAED,wBAAgB,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAEjD;AAsBD,wBAAgB,YAAY,IAAI,IAAI,CAKnC;AAED,wBAAgB,WAAW,IAAI,IAAI,CAKlC;AAED,wBAAgB,gBAAgB,IAAI,IAAI,CAEvC"}

package/build/store.js

@@ -0,0 +1,75 @@
+const SESSION_TTL_MS = 10 * 60 * 1000; // 10 minutes
+const CLEANUP_INTERVAL_MS = 60 * 1000; // 60 seconds
+const MAX_SESSIONS_PER_IP = 5;
+const sessions = new Map();
+let cleanupTimer = null;
+export function getSession(id) {
+    const session = sessions.get(id);
+    if (session && Date.now() - session.createdAt > SESSION_TTL_MS) {
+        sessions.delete(id);
+        return undefined;
+    }
+    return session;
+}
+export function createSession(id, serverName, schema, sourceIp) {
+    const ipCount = countSessionsByIp(sourceIp);
+    if (ipCount >= MAX_SESSIONS_PER_IP) {
+        return null;
+    }
+    const session = {
+        id,
+        serverName,
+        schema,
+        result: null,
+        createdAt: Date.now(),
+        sourceIp
+    };
+    sessions.set(id, session);
+    return session;
+}
+export function setSessionResult(id, result) {
+    const session = getSession(id);
+    if (!session)
+        return false;
+    if (session.result !== null)
+        return false;
+    session.result = result;
+    return true;
+}
+export function deleteSession(id) {
+    return sessions.delete(id);
+}
+function countSessionsByIp(ip) {
+    const now = Date.now();
+    let count = 0;
+    for (const session of sessions.values()) {
+        if (session.sourceIp === ip && now - session.createdAt <= SESSION_TTL_MS) {
+            count++;
+        }
+    }
+    return count;
+}
+function cleanup() {
+    const now = Date.now();
+    for (const [id, session] of sessions) {
+        if (now - session.createdAt > SESSION_TTL_MS) {
+            sessions.delete(id);
+        }
+    }
+}
+export function startCleanup() {
+    if (!cleanupTimer) {
+        cleanupTimer = setInterval(cleanup, CLEANUP_INTERVAL_MS);
+        cleanupTimer.unref?.();
+    }
+}
+export function stopCleanup() {
+    if (cleanupTimer) {
+        clearInterval(cleanupTimer);
+        cleanupTimer = null;
+    }
+}
+export function clearAllSessions() {
+    sessions.clear();
+}
+//# sourceMappingURL=store.js.map

package/build/store.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"store.js","sourceRoot":"","sources":["../src/store.ts"],"names":[],"mappings":"AAgBA,MAAM,cAAc,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAA,CAAC,aAAa;AACnD,MAAM,mBAAmB,GAAG,EAAE,GAAG,IAAI,CAAA,CAAC,aAAa;AACnD,MAAM,mBAAmB,GAAG,CAAC,CAAA;AAE7B,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAmB,CAAA;AAC3C,IAAI,YAAY,GAA0C,IAAI,CAAA;AAE9D,MAAM,UAAU,UAAU,CAAC,EAAU;IACnC,MAAM,OAAO,GAAG,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;IAChC,IAAI,OAAO,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,SAAS,GAAG,cAAc,EAAE,CAAC;QAC/D,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;QACnB,OAAO,SAAS,CAAA;IAClB,CAAC;IACD,OAAO,OAAO,CAAA;AAChB,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,EAAU,EAAE,UAAkB,EAAE,MAAe,EAAE,QAAgB;IAC7F,MAAM,OAAO,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAA;IAC3C,IAAI,OAAO,IAAI,mBAAmB,EAAE,CAAC;QACnC,OAAO,IAAI,CAAA;IACb,CAAC;IAED,MAAM,OAAO,GAAY;QACvB,EAAE;QACF,UAAU;QACV,MAAM;QACN,MAAM,EAAE,IAAI;QACZ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;QACrB,QAAQ;KACT,CAAA;IACD,QAAQ,CAAC,GAAG,CAAC,EAAE,EAAE,OAAO,CAAC,CAAA;IACzB,OAAO,OAAO,CAAA;AAChB,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,EAAU,EAAE,MAAqB;IAChE,MAAM,OAAO,GAAG,UAAU,CAAC,EAAE,CAAC,CAAA;IAC9B,IAAI,CAAC,OAAO;QAAE,OAAO,KAAK,CAAA;IAC1B,IAAI,OAAO,CAAC,MAAM,KAAK,IAAI;QAAE,OAAO,KAAK,CAAA;IACzC,OAAO,CAAC,MAAM,GAAG,MAAM,CAAA;IACvB,OAAO,IAAI,CAAA;AACb,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,EAAU;IACtC,OAAO,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;AAC5B,CAAC;AAED,SAAS,iBAAiB,CAAC,EAAU;IACnC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;IACtB,IAAI,KAAK,GAAG,CAAC,CAAA;IACb,KAAK,MAAM,OAAO,IAAI,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC;QACxC,IAAI,OAAO,CAAC,QAAQ,KAAK,EAAE,IAAI,GAAG,GAAG,OAAO,CAAC,SAAS,IAAI,cAAc,EAAE,CAAC;YACzE,KAAK,EAAE,CAAA;QACT,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC;AAED,SAAS,OAAO;IACd,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;IACtB,KAAK,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,IAAI,QAAQ,EAAE,CAAC;QACrC,IAAI,GAAG,GAAG,OAAO,CAAC,SAAS,GAAG,cAAc,EAAE,CAAC;YAC7C,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;QACrB,CAAC;IACH,CAAC;AACH,CAAC;AAED,MAAM,UAAU,YAAY;IAC1B,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,YAAY,GAAG,WAAW,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAA;QACxD,YAAY,CAAC,KAAK,EAAE,EAAE,CAAA;IACxB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,WAAW;IACzB,IAAI,YAAY,EAAE,CAAC;QACjB,aAAa,CAAC,YAAY,CAAC,CAAA;QAC3B,YAAY,GAAG,IAAI,CAAA;IACrB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,gBAAgB;IAC9B,QAAQ,CAAC,KAAK,EAAE,CAAA;AAClB,CAAC"}

package/package.json

@@ -0,0 +1,34 @@
+{
+  "name": "@n24q02m/mcp-relay-server",
+  "version": "0.1.0",
+  "type": "module",
+  "main": "build/index.js",
+  "scripts": {
+    "build": "tsc --build tsconfig.build.json",
+    "dev": "tsx watch src/index.ts",
+    "start": "node build/index.js",
+    "test": "vitest --passWithNoTests",
+    "test:coverage": "vitest --coverage",
+    "check": "biome check . && bun run type-check",
+    "type-check": "tsc --noEmit"
+  },
+  "dependencies": {
+    "express": "^5.2.1",
+    "express-rate-limit": "^8.3.1",
+    "cors": "^2.8.5"
+  },
+  "devDependencies": {
+    "@biomejs/biome": "^2.4.8",
+    "@types/cors": "^2.8.17",
+    "@types/express": "^5.0.6",
+    "@types/node": "^24.12.0",
+    "@vitest/coverage-v8": "^4.1.0",
+    "tsx": "^4.21.0",
+    "typescript": "^5.9.3",
+    "vitest": "^4.1.0"
+  },
+  "engines": {
+    "node": ">=24.14.0"
+  },
+  "packageManager": "bun@1.2.21"
+}

package/src/app.ts

@@ -0,0 +1,22 @@
+import cors from 'cors'
+import express from 'express'
+import { rateLimiter } from './middleware/rate-limit.js'
+import { sessionsRouter } from './routes/sessions.js'
+
+export function createApp(): express.Express {
+  const app = express()
+
+  const corsOrigin = process.env.CORS_ORIGIN ?? '*'
+  app.use(cors({ origin: corsOrigin }))
+  app.use(express.json({ limit: '1mb' }))
+  app.use(rateLimiter)
+
+  app.use('/api/sessions', sessionsRouter)
+
+  const pagesDir = process.env.PAGES_DIR
+  if (pagesDir) {
+    app.use(express.static(pagesDir))
+  }
+
+  return app
+}

package/src/index.ts

@@ -0,0 +1,14 @@
+import { createApp } from './app.js'
+import { startCleanup } from './store.js'
+
+export { createApp } from './app.js'
+export { startLocalRelay } from './local.js'
+
+const port = Number.parseInt(process.env.PORT ?? '3000', 10)
+const app = createApp()
+
+startCleanup()
+
+app.listen(port, () => {
+  console.log(`Relay server listening on port ${port}`)
+})

package/src/local.ts

@@ -0,0 +1,19 @@
+import type { AddressInfo } from 'node:net'
+import express from 'express'
+import { createApp } from './app.js'
+
+export async function startLocalRelay(pagesDir: string): Promise<{ port: number; url: string; close: () => void }> {
+  const app = createApp()
+  app.use(express.static(pagesDir))
+
+  return new Promise((resolve) => {
+    const server = app.listen(0, () => {
+      const addr = server.address() as AddressInfo
+      resolve({
+        port: addr.port,
+        url: `http://localhost:${addr.port}`,
+        close: () => server.close()
+      })
+    })
+  })
+}

package/src/middleware/rate-limit.ts

@@ -0,0 +1,9 @@
+import rateLimit from 'express-rate-limit'
+
+export const rateLimiter = rateLimit({
+  windowMs: 60 * 1000, // 1 minute
+  limit: 30,
+  standardHeaders: 'draft-7',
+  legacyHeaders: false,
+  message: { error: 'Too many requests, please try again later' }
+})

package/src/routes/sessions.ts

@@ -0,0 +1,84 @@
+import type { Request, Response } from 'express'
+import { Router } from 'express'
+import { createSession, deleteSession, getSession, setSessionResult } from '../store.js'
+
+function paramId(req: Request): string {
+  const id = req.params.id
+  return Array.isArray(id) ? id[0] : id
+}
+
+export const sessionsRouter: ReturnType<typeof Router> = Router()
+
+sessionsRouter.post('/', (req: Request, res: Response) => {
+  const { sessionId, serverName, schema } = req.body as {
+    sessionId?: string
+    serverName?: string
+    schema?: unknown
+  }
+
+  if (!sessionId || !serverName) {
+    res.status(400).json({ error: 'sessionId and serverName are required' })
+    return
+  }
+
+  const sourceIp = req.ip ?? req.socket.remoteAddress ?? 'unknown'
+  const session = createSession(sessionId, serverName, schema, sourceIp)
+
+  if (!session) {
+    res.status(429).json({ error: 'Too many active sessions for this IP' })
+    return
+  }
+
+  res.status(201).json({ sessionId: session.id })
+})
+
+sessionsRouter.get('/:id', (req: Request, res: Response) => {
+  const session = getSession(paramId(req))
+
+  if (!session) {
+    res.status(404).json({ error: 'Session not found or expired' })
+    return
+  }
+
+  if (session.result === null) {
+    res
+      .status(202)
+      .json({ status: 'pending', sessionId: session.id, serverName: session.serverName, schema: session.schema })
+    return
+  }
+
+  res.status(200).json({ status: 'ready', result: session.result })
+})
+
+sessionsRouter.post('/:id/result', (req: Request, res: Response) => {
+  const { browserPub, ciphertext, iv, tag } = req.body as {
+    browserPub?: string
+    ciphertext?: string
+    iv?: string
+    tag?: string
+  }
+
+  if (!browserPub || !ciphertext || !iv || !tag) {
+    res.status(400).json({ error: 'browserPub, ciphertext, iv, and tag are required' })
+    return
+  }
+
+  const session = getSession(paramId(req))
+  if (!session) {
+    res.status(404).json({ error: 'Session not found or expired' })
+    return
+  }
+
+  const success = setSessionResult(paramId(req), { browserPub, ciphertext, iv, tag })
+  if (!success) {
+    res.status(409).json({ error: 'Result already submitted' })
+    return
+  }
+
+  res.status(200).json({ ok: true })
+})
+
+sessionsRouter.delete('/:id', (req: Request, res: Response) => {
+  deleteSession(paramId(req))
+  res.status(204).send()
+})

package/src/store.ts

@@ -0,0 +1,99 @@
+export interface SessionResult {
+  browserPub: string
+  ciphertext: string
+  iv: string
+  tag: string
+}
+
+export interface Session {
+  id: string
+  serverName: string
+  schema: unknown
+  result: SessionResult | null
+  createdAt: number
+  sourceIp: string
+}
+
+const SESSION_TTL_MS = 10 * 60 * 1000 // 10 minutes
+const CLEANUP_INTERVAL_MS = 60 * 1000 // 60 seconds
+const MAX_SESSIONS_PER_IP = 5
+
+const sessions = new Map<string, Session>()
+let cleanupTimer: ReturnType<typeof setInterval> | null = null
+
+export function getSession(id: string): Session | undefined {
+  const session = sessions.get(id)
+  if (session && Date.now() - session.createdAt > SESSION_TTL_MS) {
+    sessions.delete(id)
+    return undefined
+  }
+  return session
+}
+
+export function createSession(id: string, serverName: string, schema: unknown, sourceIp: string): Session | null {
+  const ipCount = countSessionsByIp(sourceIp)
+  if (ipCount >= MAX_SESSIONS_PER_IP) {
+    return null
+  }
+
+  const session: Session = {
+    id,
+    serverName,
+    schema,
+    result: null,
+    createdAt: Date.now(),
+    sourceIp
+  }
+  sessions.set(id, session)
+  return session
+}
+
+export function setSessionResult(id: string, result: SessionResult): boolean {
+  const session = getSession(id)
+  if (!session) return false
+  if (session.result !== null) return false
+  session.result = result
+  return true
+}
+
+export function deleteSession(id: string): boolean {
+  return sessions.delete(id)
+}
+
+function countSessionsByIp(ip: string): number {
+  const now = Date.now()
+  let count = 0
+  for (const session of sessions.values()) {
+    if (session.sourceIp === ip && now - session.createdAt <= SESSION_TTL_MS) {
+      count++
+    }
+  }
+  return count
+}
+
+function cleanup(): void {
+  const now = Date.now()
+  for (const [id, session] of sessions) {
+    if (now - session.createdAt > SESSION_TTL_MS) {
+      sessions.delete(id)
+    }
+  }
+}
+
+export function startCleanup(): void {
+  if (!cleanupTimer) {
+    cleanupTimer = setInterval(cleanup, CLEANUP_INTERVAL_MS)
+    cleanupTimer.unref?.()
+  }
+}
+
+export function stopCleanup(): void {
+  if (cleanupTimer) {
+    clearInterval(cleanupTimer)
+    cleanupTimer = null
+  }
+}
+
+export function clearAllSessions(): void {
+  sessions.clear()
+}

package/tests/rate-limit.test.ts

@@ -0,0 +1,49 @@
+import { createServer, type Server } from 'node:http'
+import type { AddressInfo } from 'node:net'
+import { afterAll, afterEach, beforeAll, describe, expect, it } from 'vitest'
+import { createApp } from '../src/app.js'
+import { clearAllSessions } from '../src/store.js'
+
+let server: Server
+let baseUrl: string
+
+beforeAll(async () => {
+  const app = createApp()
+  server = createServer(app)
+  await new Promise<void>((resolve) => {
+    server.listen(0, () => {
+      const addr = server.address() as AddressInfo
+      baseUrl = `http://127.0.0.1:${addr.port}`
+      resolve()
+    })
+  })
+})
+
+afterEach(() => {
+  clearAllSessions()
+})
+
+afterAll(async () => {
+  await new Promise<void>((resolve) => {
+    server.close(() => resolve())
+  })
+})
+
+describe('Rate limiting', () => {
+  it('rate limit kicks in after 30 requests per minute', async () => {
+    // Send 30 requests (all should succeed with 404 since no session exists)
+    const results: number[] = []
+    for (let i = 0; i < 31; i++) {
+      const res = await fetch(`${baseUrl}/api/sessions/rate-test-${i}`)
+      results.push(res.status)
+    }
+
+    // First 30 should be 404 (valid response, session not found)
+    for (let i = 0; i < 30; i++) {
+      expect(results[i]).toBe(404)
+    }
+
+    // 31st should be rate limited
+    expect(results[30]).toBe(429)
+  })
+})

package/tests/session-ttl.test.ts

@@ -0,0 +1,50 @@
+import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest'
+import { clearAllSessions, createSession, getSession, startCleanup, stopCleanup } from '../src/store.js'
+
+describe('Session TTL', () => {
+  beforeEach(() => {
+    vi.useFakeTimers()
+    clearAllSessions()
+  })
+
+  afterEach(() => {
+    stopCleanup()
+    vi.useRealTimers()
+  })
+
+  it('sessions expire after 10 minutes', () => {
+    createSession('ttl-1', 'telegram', {}, '127.0.0.1')
+    expect(getSession('ttl-1')).toBeDefined()
+
+    // Advance 9 minutes - should still exist
+    vi.advanceTimersByTime(9 * 60 * 1000)
+    expect(getSession('ttl-1')).toBeDefined()
+
+    // Advance past 10 minutes
+    vi.advanceTimersByTime(2 * 60 * 1000)
+    expect(getSession('ttl-1')).toBeUndefined()
+  })
+
+  it('cleanup runs every 60 seconds and removes expired sessions', () => {
+    startCleanup()
+
+    createSession('cleanup-1', 'telegram', {}, '127.0.0.1')
+
+    // Advance 11 minutes (past TTL + multiple cleanup cycles)
+    vi.advanceTimersByTime(11 * 60 * 1000)
+
+    // After cleanup, session should be gone
+    expect(getSession('cleanup-1')).toBeUndefined()
+  })
+
+  it('cleanup does not remove sessions within TTL', () => {
+    startCleanup()
+
+    createSession('alive-1', 'telegram', {}, '127.0.0.1')
+
+    // Advance 2 cleanup cycles (120s) - well within 10 min TTL
+    vi.advanceTimersByTime(2 * 60 * 1000)
+
+    expect(getSession('alive-1')).toBeDefined()
+  })
+})

package/tests/sessions.test.ts

@@ -0,0 +1,189 @@
+import { createServer, type Server } from 'node:http'
+import type { AddressInfo } from 'node:net'
+import { afterAll, afterEach, beforeAll, describe, expect, it } from 'vitest'
+import { createApp } from '../src/app.js'
+import { clearAllSessions } from '../src/store.js'
+
+let server: Server
+let baseUrl: string
+
+beforeAll(async () => {
+  const app = createApp()
+  server = createServer(app)
+  await new Promise<void>((resolve) => {
+    server.listen(0, () => {
+      const addr = server.address() as AddressInfo
+      baseUrl = `http://127.0.0.1:${addr.port}`
+      resolve()
+    })
+  })
+})
+
+afterEach(() => {
+  clearAllSessions()
+})
+
+afterAll(async () => {
+  await new Promise<void>((resolve) => {
+    server.close(() => resolve())
+  })
+})
+
+describe('POST /api/sessions', () => {
+  it('creates a session and returns 201', async () => {
+    const res = await fetch(`${baseUrl}/api/sessions`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ sessionId: 'test-1', serverName: 'telegram', schema: { token: 'string' } })
+    })
+    expect(res.status).toBe(201)
+    const body = await res.json()
+    expect(body.sessionId).toBe('test-1')
+  })
+
+  it('rejects after 5 sessions from the same IP (429)', async () => {
+    for (let i = 0; i < 5; i++) {
+      const res = await fetch(`${baseUrl}/api/sessions`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ sessionId: `s-${i}`, serverName: 'telegram', schema: {} })
+      })
+      expect(res.status).toBe(201)
+    }
+
+    const res = await fetch(`${baseUrl}/api/sessions`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ sessionId: 's-6', serverName: 'telegram', schema: {} })
+    })
+    expect(res.status).toBe(429)
+  })
+
+  it('returns 400 when sessionId or serverName is missing', async () => {
+    const res = await fetch(`${baseUrl}/api/sessions`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ sessionId: 'test-bad' })
+    })
+    expect(res.status).toBe(400)
+  })
+})
+
+describe('GET /api/sessions/:id', () => {
+  it('returns 202 when session is pending', async () => {
+    await fetch(`${baseUrl}/api/sessions`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ sessionId: 'pending-1', serverName: 'telegram', schema: {} })
+    })
+
+    const res = await fetch(`${baseUrl}/api/sessions/pending-1`)
+    expect(res.status).toBe(202)
+    const body = await res.json()
+    expect(body.status).toBe('pending')
+    expect(body.serverName).toBe('telegram')
+  })
+
+  it('returns 200 with result when ready', async () => {
+    await fetch(`${baseUrl}/api/sessions`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ sessionId: 'ready-1', serverName: 'telegram', schema: {} })
+    })
+
+    await fetch(`${baseUrl}/api/sessions/ready-1/result`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ browserPub: 'pub', ciphertext: 'ct', iv: 'iv', tag: 'tag' })
+    })
+
+    const res = await fetch(`${baseUrl}/api/sessions/ready-1`)
+    expect(res.status).toBe(200)
+    const body = await res.json()
+    expect(body.status).toBe('ready')
+    expect(body.result.ciphertext).toBe('ct')
+  })
+
+  it('returns 404 for unknown session', async () => {
+    const res = await fetch(`${baseUrl}/api/sessions/nonexistent`)
+    expect(res.status).toBe(404)
+  })
+})
+
+describe('POST /api/sessions/:id/result', () => {
+  it('stores result (200)', async () => {
+    await fetch(`${baseUrl}/api/sessions`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ sessionId: 'res-1', serverName: 'telegram', schema: {} })
+    })
+
+    const res = await fetch(`${baseUrl}/api/sessions/res-1/result`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ browserPub: 'pub', ciphertext: 'ct', iv: 'iv', tag: 'tag' })
+    })
+    expect(res.status).toBe(200)
+  })
+
+  it('rejects second submission with 409 (one-shot)', async () => {
+    await fetch(`${baseUrl}/api/sessions`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ sessionId: 'oneshot-1', serverName: 'telegram', schema: {} })
+    })
+
+    await fetch(`${baseUrl}/api/sessions/oneshot-1/result`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ browserPub: 'pub', ciphertext: 'ct', iv: 'iv', tag: 'tag' })
+    })
+
+    const res = await fetch(`${baseUrl}/api/sessions/oneshot-1/result`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ browserPub: 'pub2', ciphertext: 'ct2', iv: 'iv2', tag: 'tag2' })
+    })
+    expect(res.status).toBe(409)
+  })
+
+  it('returns 404 for unknown session', async () => {
+    const res = await fetch(`${baseUrl}/api/sessions/nonexistent/result`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ browserPub: 'pub', ciphertext: 'ct', iv: 'iv', tag: 'tag' })
+    })
+    expect(res.status).toBe(404)
+  })
+
+  it('returns 400 when required fields are missing', async () => {
+    await fetch(`${baseUrl}/api/sessions`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ sessionId: 'bad-res-1', serverName: 'telegram', schema: {} })
+    })
+
+    const res = await fetch(`${baseUrl}/api/sessions/bad-res-1/result`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ browserPub: 'pub' })
+    })
+    expect(res.status).toBe(400)
+  })
+})
+
+describe('DELETE /api/sessions/:id', () => {
+  it('removes session (204)', async () => {
+    await fetch(`${baseUrl}/api/sessions`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ sessionId: 'del-1', serverName: 'telegram', schema: {} })
+    })
+
+    const res = await fetch(`${baseUrl}/api/sessions/del-1`, { method: 'DELETE' })
+    expect(res.status).toBe(204)
+
+    const getRes = await fetch(`${baseUrl}/api/sessions/del-1`)
+    expect(getRes.status).toBe(404)
+  })
+})

package/tsconfig.build.json

@@ -0,0 +1,8 @@
+{
+  "extends": "./tsconfig.json",
+  "compilerOptions": {
+    "rootDir": "src"
+  },
+  "include": ["src"],
+  "exclude": ["tests", "**/*.test.ts"]
+}

package/tsconfig.json

@@ -0,0 +1,18 @@
+{
+  "compilerOptions": {
+    "target": "es2021",
+    "lib": ["es2022", "dom"],
+    "types": ["node"],
+    "module": "es2022",
+    "moduleResolution": "Bundler",
+    "strict": true,
+    "esModuleInterop": true,
+    "allowSyntheticDefaultImports": true,
+    "outDir": "build",
+    "declaration": true,
+    "declarationMap": true,
+    "sourceMap": true,
+    "skipLibCheck": true
+  },
+  "include": ["src", "tests"]
+}