@nestjs-mcp/server 0.1.0-alpha.4

package/.copilotignore

@@ -0,0 +1,38 @@
+# Ignore dependencies and lock files
+node_modules/
+pnpm-lock.yaml
+package-lock.json
+yarn.lock
+
+# Ignore environment configuration files
+.env
+.env.*
+
+# Ignore build outputs and temporary directories
+dist/
+build/
+out/
+.tmp/
+.cache/
+
+# Ignore Docker and container configuration files
+.dockerignore
+Dockerfile*
+.docker/
+
+# Ignore IDE and system configuration files
+.vscode/
+.idea/
+*.swp
+
+# Ignore log files
+*.log
+
+# Ignore test and coverage files
+coverage/
+*.test.*
+*.spec.*
+
+# Ignore internal instruction files
+.github/
+copilot-instructions.md

package/.devcontainer/Dockerfile.dev

@@ -0,0 +1,28 @@
+FROM node:22.14
+
+# Set working directory
+WORKDIR /package
+
+# Install required system dependencies
+RUN apt-get update && \
+  apt-get install -y --no-install-recommends \
+  git \
+  curl \
+  && rm -rf /var/lib/apt/lists/*
+
+# Install PNPM and NestJS CLI
+RUN npm install -g pnpm@10 @nestjs/cli
+
+# Copy package files
+COPY package.json pnpm-lock.yaml ./
+
+# Install dependencies as root first
+RUN pnpm install
+
+# Copy the rest of the application code
+COPY . .
+
+EXPOSE 3000 9229 6277
+
+# Command to start development server
+CMD ["tail", "-f", "/dev/null"]

package/.devcontainer/devcontainer.json

@@ -0,0 +1,56 @@
+{
+  "name": "NestJS MCP Server",
+  "dockerComposeFile": "docker-compose.yml",
+  "service": "package",
+  "workspaceFolder": "/package",
+  "remoteUser": "node",
+  "features": {
+    "ghcr.io/devcontainers/features/git:1": {}
+  },
+  "customizations": {
+    "vscode": {
+      "extensions": [
+        // TypeScript & NestJS
+        "vscode.typescript-language-features",
+        "christian-kohler.path-intellisense",
+        "yoavbls.pretty-ts-errors",
+        "meganrogge.template-string-converter",
+
+        // ESLint & Prettier
+        "dbaeumer.vscode-eslint",
+        "esbenp.prettier-vscode",
+
+        // Testing
+        "orta.vscode-jest",
+        "firsttris.vscode-jest-runner",
+
+        // Docker
+        "ms-azuretools.vscode-docker",
+
+        // Database
+        "mtxr.sqltools",
+        "mtxr.sqltools-driver-pg",
+
+        // Git
+        "eamodio.gitlens",
+        "github.vscode-github-actions",
+        "mhutchie.git-graph",
+
+        // Environment & Configuration
+        "mikestead.dotenv",
+        "redhat.vscode-yaml",
+        "editorconfig.editorconfig",
+
+        // Documentation
+        "yzhang.markdown-all-in-one",
+        "bierner.markdown-mermaid",
+
+        // Utilities
+        "visualstudioexptteam.vscodeintellicode",
+        "wayou.vscode-todo-highlight",
+        "gruntfuggly.todo-tree",
+        "pkief.material-icon-theme"
+      ]
+    }
+  }
+}

package/.devcontainer/docker-compose.yml

@@ -0,0 +1,15 @@
+version: '3.8'
+
+services:
+  package:
+    container_name: nestjs-mcp-server
+    build:
+      context: ..
+      dockerfile: .devcontainer/Dockerfile.dev
+    ports:
+      - 3000:3000
+      - 9229:9229
+      - 6277:6277
+    volumes:
+      - ..:/package
+      - /package/node_modules

package/.dockerignore

@@ -0,0 +1,37 @@
+# Development files and directories
+node_modules
+npm-debug.log
+yarn-debug.log
+yarn-error.log
+*.log
+.git
+.github
+.vscode
+.idea
+*.iml
+.DS_Store
+Thumbs.db
+
+# Environment and local configuration files
+.env
+.env.*
+.eslintcache
+.stylelintcache
+*.tsbuildinfo
+
+# Build and test files
+dist
+coverage
+.nyc_output
+
+# Temporary files
+*.swp
+*.bak
+*.tmp
+.temp/
+
+# Documentation and files not needed at runtime
+README.md
+CHANGELOG.md
+LICENSE
+jest.config.ts

package/.github/codeql-config.yml

@@ -0,0 +1,4 @@
+name: "Default CodeQL config"
+queries:
+  - uses: security-extended
+  

package/.github/copilot-instructions.md

@@ -0,0 +1,138 @@
+# Copilot Rules
+
+> This document defines the rules and guidelines for code generation with Copilot in our NestJS module library for MCP Server building. **This project is a wrapper for the @modelcontextprotocol/sdk for TypeScript to create MCP Server** ([GitHub Repository](https://github.com/modelcontextprotocol/typescript-sdk/tree/server)). It is essential to maintain compatibility with this library at all times, using its defined types and ensuring correct implementation of the MCP Server specification as a NestJS module.
+
+## 🎯 Response Principles
+
+- Prioritize code correctness and functionality first
+- Generate maintainable, readable solutions
+- Consider security implications in all code
+- Respect project-specific configurations
+- Verify code quality before delivering final answers
+- Ensure compatibility with @modelcontextprotocol/sdk
+- After code changes, verify that examples in `../examples/*` remain valid and update them if necessary
+
+## 🌐 Language
+
+**STRICT**: Generate all code, comments, docs, and identifiers in English unless:
+
+- User explicitly requests another language
+- Specific project requirements override this rule
+
+## 💡 Code Style & Quality
+
+**STRICT**: All generated code MUST follow style and formatting defined in:
+
+- `eslint.config.mjs`
+- `tsconfig.json` and `tsconfig.build.json`
+- `.prettierrc` (if present)
+
+- Use descriptive, meaningful names for variables, functions, and classes
+- Apply appropriate type annotations where supported
+- Prefer explicit over implicit logic
+- Keep functions focused on single responsibility
+- Verify generated code against linting rules before providing the final solution
+- If linting issues are detected, fix them and explain the changes
+
+## 📝 Documentation & Comments
+
+- Add concise docstrings for functions and classes
+- Document parameters with types and constraints
+- Document return values and possible exceptions
+- Provide usage examples for complex interfaces
+
+**STRICT**: Include comments only for:
+
+- Complex/non-obvious logic
+- Workarounds (with explanation)
+- Security considerations
+- Critical design decisions
+- TODO/FIXME items (with context)
+
+## 🔐 Security
+
+- Never include hardcoded credentials
+- Always validate and sanitize input
+- Use parameterized queries for database operations
+- Apply proper authentication and authorization checks
+- Flag potential security vulnerabilities in generated code
+- Suggest security improvements for existing code
+
+## 📦 Dependencies
+
+- Suggest dependencies with clear justification
+- Prefer established, well-maintained libraries
+- Include single installation command
+- Pin dependency versions precisely
+- Avoid deprecated or vulnerable libraries
+- Respect licensing requirements
+- Minimize the number of dependencies
+
+## ✅ Testing & Verification
+
+Verify generated code against:
+
+- Project linting rules
+- Type checking requirements
+- Security best practices
+
+- Generate appropriate unit tests on request
+- Test both success and error paths
+- Consider edge cases in implementations
+- Fix issues before delivering final code
+- If requested, suggest test scenarios
+- After each implementation, check if examples in `../examples/*` need to be updated
+
+## 🤖 Response Format
+
+- Structure responses clearly
+- Highlight key decisions and tradeoffs
+- When providing complex implementations:
+  - Break down the solution into logical parts
+  - Explain complex or non-obvious patterns
+  - Offer alternative approaches when relevant
+- Include example usage for module integration
+- Verify if your solution meets all requirements before submitting
+
+## 💬 Interaction Guidelines
+
+- Be specific and concise
+- Ask clarifying questions when requirements are ambiguous
+- Break complex tasks into manageable units
+- Reuse existing code patterns when appropriate
+- Maintain consistent terminology with the project
+- Focus responses on the specific request
+- If a request cannot be fulfilled completely, explain why and offer alternatives
+
+## ⚙️ Implementation Rules
+
+### TypeScript Types vs Interfaces
+
+**STRICT**: Follow these rules for type definitions:
+
+- Use `interface` for:
+  - Object shapes that may be implemented or extended
+  - Class contracts
+- Use `type` for:
+  - Union types
+  - Intersection types
+  - Primitive type aliases
+  - Tuple types
+  - Function types
+  - Mapped and conditional types
+- Prefer interfaces when both options are viable (for better error messages and performance)
+- Reuse and extend types from @modelcontextprotocol/sdk whenever possible
+- Follow naming conventions established in the @modelcontextprotocol/sdk library
+
+### NestJS Code Generation Rules
+
+- Use NestJS CLI for generating files whenever possible (controllers, services, etc.)
+- Only generate files manually when they cannot be created through the CLI
+- Use NestJS module, controller, and service conventions
+- Decorate classes and methods appropriately (@Module, @Controller, @Injectable, etc.)
+- Use dependency injection for services and providers
+- Structure files and folders according to NestJS best practices
+- Use constructor-based injection
+- Follow NestJS module patterns for library development
+- Follow NestJS exception handling patterns
+- Implement Logger in strategic areas for better debugging capabilities

package/.github/prompts/memory.prompt.md

@@ -0,0 +1,120 @@
+# Persistent Memory System - Usage Guide
+
+## Main Objective
+
+This system enables the AI to **avoid repeating past mistakes** and **apply learned optimizations** across implementations. Through persistent memory, the AI:
+
+1. Applies previously discovered optimized solutions
+2. Consistently respects user preferences
+3. Builds a knowledge base of effective practices
+4. Eliminates problematic patterns identified in past work
+
+## Core Components
+
+This system operates through two distinct files:
+
+- **.memory/ia-learnings.md**: Technical findings and optimizations (AI can modify)
+- **.memory/user-learnings.md**: User preferences and requirements (read-only for AI)
+
+> **Important**: The AI can read but never modify `.memory/user-learnings.md`. Only the user has authority to update this file.
+
+## Implementation Workflow
+
+### 1. Initial Request Processing
+
+1. **Read Both Memory Files**
+
+   - Read both `.memory/ia-learnings.md` and `.memory/user-learnings.md` at the start of each new request
+   - Apply this knowledge when planning the implementation
+
+2. **Apply Relevant Knowledge**
+   - Identify applicable patterns from previous learnings
+   - Respect all documented user preferences
+   - Resolve any conflicts by prioritizing user preferences
+
+### 2. During Implementation
+
+1. **Reference Knowledge Base**
+
+   - Apply optimizations from `.memory/ia-learnings.md` when relevant
+   - Ensure compliance with all `.memory/user-learnings.md` preferences
+   - Reference specific findings: "Applying the optimization pattern for X from [date]"
+
+2. **Identify New Patterns**
+   - Recognize new optimizations and effective practices
+   - Evaluate their potential for reuse in future implementations
+   - Abstract specific implementations into general principles
+
+### 3. Knowledge Preservation
+
+1. **Document New Findings**
+
+   - After successful implementation, record valuable insights in `.memory/ia-learnings.md`
+   - Use the established format with before/after examples and clear context
+   - Focus on reusable patterns with broad applicability
+
+2. **Knowledge Refinement**
+
+   - Update existing entries when finding improvements to known patterns
+   - Add context notes about evolving understanding
+   - Maintain organized and searchable structure
+
+3. **Handle User Feedback**
+   - When receiving user feedback about preferences, suggest they document it
+   - Example: "Would you like to add this preference to your .memory/user-learnings.md for future implementations?"
+
+## Benefits
+
+1. **Continuous Improvement**
+
+   - Each interaction builds upon accumulated knowledge
+   - Implementation quality improves over time
+
+2. **Efficiency Gains**
+
+   - Eliminates repetitive instructions
+   - Accelerates implementation through applied knowledge
+
+3. **Transparency**
+   - All optimization decisions can be traced to specific learnings
+   - Clear history of applied practices
+
+## Practical Application Examples
+
+### Technical Optimization Application
+
+```
+User: "Create a database query function for product filtering"
+
+AI: "Based on a previous optimization I documented on [date], I'll implement
+the filtering directly at the database level rather than in application code,
+which significantly reduces data transfer and improves performance..."
+```
+
+### User Preference Application
+
+```
+User: "Build a new React component"
+
+AI: "I'll implement this following your documented preferences:
+- Using TypeScript with functional components
+- Following Atomic Design principles
+- Implementing WCAG accessibility standards
+- Using your preferred naming conventions..."
+```
+
+## Considerations
+
+1. **Context Sensitivity**
+
+   - Not all learnings apply universally - evaluate relevance
+   - User preferences always take priority when conflicts arise
+
+2. **Knowledge Evolution**
+
+   - Technical optimizations may become obsolete with new technology versions
+   - Regular review of outdated patterns is recommended
+
+3. **System Boundaries**
+   - The AI reads from `.memory/user-learnings.md` but never modifies it
+   - Knowledge persistence improves over repeated interactions

package/.github/workflows/auto-tag-release.yml

@@ -0,0 +1,84 @@
+name: Auto Tag Release
+
+on:
+  pull_request:
+    types:
+      - closed
+    branches:
+      - main
+
+jobs:
+  tag-release:
+    if: >-
+      github.event.pull_request.merged == true &&
+      (startsWith(github.event.pull_request.head.ref, 'release/') || startsWith(github.event.pull_request.head.ref, 'hotfix/'))
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Setup Node
+        uses: actions/setup-node@v3
+        with:
+          node-version: '22.x'
+          registry-url: 'https://registry.npmjs.org'
+
+      - name: Install jq
+        run: sudo apt-get update && sudo apt-get install -y jq
+
+      - name: Get versions
+        id: versions
+        run: |
+          # Get previous version from main branch
+          git fetch origin main
+          PREV_VERSION=$(git show origin/main:package.json | jq -r .version)
+          echo "PREV_VERSION=$PREV_VERSION" >> $GITHUB_ENV
+
+          # Get current version from merged PR
+          CURR_VERSION=$(jq -r .version package.json)
+          echo "CURR_VERSION=$CURR_VERSION" >> $GITHUB_ENV
+
+          echo "Previous version: $PREV_VERSION"
+          echo "Current version: $CURR_VERSION"
+
+      - name: Validate version change
+        run: |
+          if [ "$PREV_VERSION" = "$CURR_VERSION" ]; then
+            echo "::error::Version in package.json did not change ($CURR_VERSION). A release or hotfix must increment the version number."
+            exit 1
+          fi
+          echo "Version changed from $PREV_VERSION to $CURR_VERSION ✓"
+
+      - name: Comment on PR if version did not change
+        if: failure()
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          gh pr comment ${{ github.event.pull_request.number }} --body "❌ Tag not created: Please update the version in package.json to create a new release tag."
+
+      - name: Check if tag exists
+        id: check_tag
+        run: |
+          git fetch --tags
+          if git rev-parse "v$CURR_VERSION" >/dev/null 2>&1; then
+            echo "::error::Tag v$CURR_VERSION already exists. Cannot create duplicate tag."
+            exit 1
+          fi
+          echo "Tag v$CURR_VERSION does not exist yet ✓"
+
+      - name: Create tag and push
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+          git tag v$CURR_VERSION
+          git push origin v$CURR_VERSION
+          echo "✅ Successfully created and pushed tag v$CURR_VERSION"
+
+      - name: Comment on PR if tag created
+        if: success() && env.EXISTS == 'false'
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          gh pr comment ${{ github.event.pull_request.number }} --body "✅ Tag v${{ env.VERSION }} created successfully."

package/.github/workflows/codeql-analysis.yml

@@ -0,0 +1,56 @@
+name: 'CodeQL Security Analysis'
+
+on:
+  pull_request:
+    branches: [main, develop]
+  schedule:
+    - cron: '0 0 * * 1'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ['typescript']
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Setup Node
+        uses: actions/setup-node@v3
+        with:
+          node-version: '22.x'
+          registry-url: 'https://registry.npmjs.org'
+
+      - name: Install PNPM
+        uses: pnpm/action-setup@v2
+        with:
+          version: 10
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ${{ matrix.language }}
+          queries: security-extended
+          config-file: ./.github/codeql-config.yml
+
+      - name: Build project for analysis
+        run: pnpm run build
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: '/language:${{matrix.language}}'

package/.github/workflows/npm-publish.yml

@@ -0,0 +1,58 @@
+name: Build and Deploy to NPM on Tag
+
+on:
+  push:
+    tags:
+      - 'v*'
+      - '*.*.*' # Also trigger on tags without 'v' prefix
+
+jobs:
+  build-and-publish:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0 # Importante para acceder al historial completo
+
+      - name: Setup Node
+        uses: actions/setup-node@v3
+        with:
+          node-version: '22.x'
+          registry-url: 'https://registry.npmjs.org'
+
+      - name: Install PNPM
+        uses: pnpm/action-setup@v2
+        with:
+          version: 10
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Build package
+        run: pnpm run build
+
+      - name: Ensure tag matches package.json version
+        run: |
+          TAG_VERSION=${GITHUB_REF#refs/tags/v}
+          PKG_VERSION=$(node -p "require('./package.json').version")
+          if [ "$TAG_VERSION" != "$PKG_VERSION" ]; then
+            echo "Tag version ($TAG_VERSION) does not match package.json version ($PKG_VERSION)."
+            exit 1
+          fi
+
+      - name: Ensure tag is on main (for latest only)
+        if: startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, '-')
+        run: |
+          TAG_COMMIT=$(git rev-list -n 1 ${{ github.ref }})
+          MAIN_COMMIT=$(git rev-parse origin/main)
+          if [ "$TAG_COMMIT" != "$MAIN_COMMIT" ]; then
+            echo "Tag is not on main. Aborting publish as latest."
+            exit 1
+          fi
+
+      - name: Publish to NPM (with validations)
+        run: pnpm run publish -- --no-dry-run
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+          CI: true