npm - @neverinfamous/mysql-mcp - Versions diffs - 2.3.0 → 3.0.0 - Mend

@neverinfamous/mysql-mcp 2.3.0 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (347) hide show

package/.dockerignore +1 -0
package/.gitattributes +18 -0
package/.github/workflows/codeql.yml +2 -10
package/.github/workflows/docker-publish.yml +15 -13
package/CHANGELOG.md +287 -1
package/DOCKER_README.md +100 -265
package/Dockerfile +5 -0
package/README.md +124 -59
package/VERSION +1 -1
package/dist/__tests__/mocks/adapter.d.ts.map +1 -1
package/dist/__tests__/mocks/adapter.js +2 -0
package/dist/__tests__/mocks/adapter.js.map +1 -1
package/dist/adapters/DatabaseAdapter.d.ts.map +1 -1
package/dist/adapters/DatabaseAdapter.js +50 -9
package/dist/adapters/DatabaseAdapter.js.map +1 -1
package/dist/adapters/mysql/MySQLAdapter.d.ts +6 -0
package/dist/adapters/mysql/MySQLAdapter.d.ts.map +1 -1
package/dist/adapters/mysql/MySQLAdapter.js +8 -0
package/dist/adapters/mysql/MySQLAdapter.js.map +1 -1
package/dist/adapters/mysql/SchemaManager.js +16 -15
package/dist/adapters/mysql/SchemaManager.js.map +1 -1
package/dist/adapters/mysql/prompts/index.js +10 -20
package/dist/adapters/mysql/prompts/index.js.map +1 -1
package/dist/adapters/mysql/prompts/proxysqlSetup.js +1 -1
package/dist/adapters/mysql/resources/docstore.d.ts.map +1 -1
package/dist/adapters/mysql/resources/docstore.js +10 -7
package/dist/adapters/mysql/resources/docstore.js.map +1 -1
package/dist/adapters/mysql/resources/events.js +11 -8
package/dist/adapters/mysql/resources/events.js.map +1 -1
package/dist/adapters/mysql/resources/indexes.d.ts.map +1 -1
package/dist/adapters/mysql/resources/indexes.js +12 -15
package/dist/adapters/mysql/resources/indexes.js.map +1 -1
package/dist/adapters/mysql/resources/innodb.d.ts.map +1 -1
package/dist/adapters/mysql/resources/innodb.js +20 -17
package/dist/adapters/mysql/resources/innodb.js.map +1 -1
package/dist/adapters/mysql/resources/locks.d.ts.map +1 -1
package/dist/adapters/mysql/resources/locks.js +9 -6
package/dist/adapters/mysql/resources/locks.js.map +1 -1
package/dist/adapters/mysql/resources/performance.d.ts.map +1 -1
package/dist/adapters/mysql/resources/performance.js +15 -15
package/dist/adapters/mysql/resources/performance.js.map +1 -1
package/dist/adapters/mysql/resources/spatial.d.ts.map +1 -1
package/dist/adapters/mysql/resources/spatial.js +9 -6
package/dist/adapters/mysql/resources/spatial.js.map +1 -1
package/dist/adapters/mysql/resources/sysschema.d.ts.map +1 -1
package/dist/adapters/mysql/resources/sysschema.js +12 -9
package/dist/adapters/mysql/resources/sysschema.js.map +1 -1
package/dist/adapters/mysql/tools/admin/backup.d.ts.map +1 -1
package/dist/adapters/mysql/tools/admin/backup.js +170 -121
package/dist/adapters/mysql/tools/admin/backup.js.map +1 -1
package/dist/adapters/mysql/tools/admin/maintenance.d.ts.map +1 -1
package/dist/adapters/mysql/tools/admin/maintenance.js +106 -57
package/dist/adapters/mysql/tools/admin/maintenance.js.map +1 -1
package/dist/adapters/mysql/tools/admin/monitoring.d.ts.map +1 -1
package/dist/adapters/mysql/tools/admin/monitoring.js +183 -101
package/dist/adapters/mysql/tools/admin/monitoring.js.map +1 -1
package/dist/adapters/mysql/tools/cluster/group-replication.d.ts.map +1 -1
package/dist/adapters/mysql/tools/cluster/group-replication.js +164 -120
package/dist/adapters/mysql/tools/cluster/group-replication.js.map +1 -1
package/dist/adapters/mysql/tools/cluster/innodb-cluster.d.ts.map +1 -1
package/dist/adapters/mysql/tools/cluster/innodb-cluster.js +212 -145
package/dist/adapters/mysql/tools/cluster/innodb-cluster.js.map +1 -1
package/dist/adapters/mysql/tools/codemode/index.d.ts.map +1 -1
package/dist/adapters/mysql/tools/codemode/index.js +6 -4
package/dist/adapters/mysql/tools/codemode/index.js.map +1 -1
package/dist/adapters/mysql/tools/core.d.ts.map +1 -1
package/dist/adapters/mysql/tools/core.js +152 -29
package/dist/adapters/mysql/tools/core.js.map +1 -1
package/dist/adapters/mysql/tools/docstore.d.ts.map +1 -1
package/dist/adapters/mysql/tools/docstore.js +340 -163
package/dist/adapters/mysql/tools/docstore.js.map +1 -1
package/dist/adapters/mysql/tools/events.d.ts.map +1 -1
package/dist/adapters/mysql/tools/events.js +284 -198
package/dist/adapters/mysql/tools/events.js.map +1 -1
package/dist/adapters/mysql/tools/json/core.d.ts.map +1 -1
package/dist/adapters/mysql/tools/json/core.js +11 -39
package/dist/adapters/mysql/tools/json/core.js.map +1 -1
package/dist/adapters/mysql/tools/json/enhanced.d.ts.map +1 -1
package/dist/adapters/mysql/tools/json/enhanced.js +15 -33
package/dist/adapters/mysql/tools/json/enhanced.js.map +1 -1
package/dist/adapters/mysql/tools/json/helpers.d.ts.map +1 -1
package/dist/adapters/mysql/tools/json/helpers.js +13 -24
package/dist/adapters/mysql/tools/json/helpers.js.map +1 -1
package/dist/adapters/mysql/tools/partitioning.js +3 -0
package/dist/adapters/mysql/tools/partitioning.js.map +1 -1
package/dist/adapters/mysql/tools/performance/analysis.d.ts.map +1 -1
package/dist/adapters/mysql/tools/performance/analysis.js +89 -60
package/dist/adapters/mysql/tools/performance/analysis.js.map +1 -1
package/dist/adapters/mysql/tools/performance/optimization.d.ts.map +1 -1
package/dist/adapters/mysql/tools/performance/optimization.js +151 -127
package/dist/adapters/mysql/tools/performance/optimization.js.map +1 -1
package/dist/adapters/mysql/tools/proxysql.d.ts +1 -1
package/dist/adapters/mysql/tools/proxysql.d.ts.map +1 -1
package/dist/adapters/mysql/tools/proxysql.js +289 -176
package/dist/adapters/mysql/tools/proxysql.js.map +1 -1
package/dist/adapters/mysql/tools/replication.js +75 -49
package/dist/adapters/mysql/tools/replication.js.map +1 -1
package/dist/adapters/mysql/tools/roles.d.ts.map +1 -1
package/dist/adapters/mysql/tools/roles.js +224 -182
package/dist/adapters/mysql/tools/roles.js.map +1 -1
package/dist/adapters/mysql/tools/router.d.ts.map +1 -1
package/dist/adapters/mysql/tools/router.js +168 -67
package/dist/adapters/mysql/tools/router.js.map +1 -1
package/dist/adapters/mysql/tools/schema/constraints.d.ts.map +1 -1
package/dist/adapters/mysql/tools/schema/constraints.js +21 -3
package/dist/adapters/mysql/tools/schema/constraints.js.map +1 -1
package/dist/adapters/mysql/tools/schema/management.d.ts.map +1 -1
package/dist/adapters/mysql/tools/schema/management.js +61 -14
package/dist/adapters/mysql/tools/schema/management.js.map +1 -1
package/dist/adapters/mysql/tools/schema/routines.d.ts.map +1 -1
package/dist/adapters/mysql/tools/schema/routines.js +27 -4
package/dist/adapters/mysql/tools/schema/routines.js.map +1 -1
package/dist/adapters/mysql/tools/schema/scheduled_events.d.ts.map +1 -1
package/dist/adapters/mysql/tools/schema/scheduled_events.js +24 -3
package/dist/adapters/mysql/tools/schema/scheduled_events.js.map +1 -1
package/dist/adapters/mysql/tools/schema/triggers.d.ts.map +1 -1
package/dist/adapters/mysql/tools/schema/triggers.js +23 -2
package/dist/adapters/mysql/tools/schema/triggers.js.map +1 -1
package/dist/adapters/mysql/tools/schema/views.d.ts.map +1 -1
package/dist/adapters/mysql/tools/schema/views.js +47 -7
package/dist/adapters/mysql/tools/schema/views.js.map +1 -1
package/dist/adapters/mysql/tools/security/audit.d.ts.map +1 -1
package/dist/adapters/mysql/tools/security/audit.js +102 -34
package/dist/adapters/mysql/tools/security/audit.js.map +1 -1
package/dist/adapters/mysql/tools/security/data-protection.d.ts.map +1 -1
package/dist/adapters/mysql/tools/security/data-protection.js +264 -205
package/dist/adapters/mysql/tools/security/data-protection.js.map +1 -1
package/dist/adapters/mysql/tools/security/encryption.d.ts.map +1 -1
package/dist/adapters/mysql/tools/security/encryption.js +137 -104
package/dist/adapters/mysql/tools/security/encryption.js.map +1 -1
package/dist/adapters/mysql/tools/shell/backup.d.ts.map +1 -1
package/dist/adapters/mysql/tools/shell/backup.js +71 -59
package/dist/adapters/mysql/tools/shell/backup.js.map +1 -1
package/dist/adapters/mysql/tools/shell/restore.d.ts.map +1 -1
package/dist/adapters/mysql/tools/shell/restore.js +61 -47
package/dist/adapters/mysql/tools/shell/restore.js.map +1 -1
package/dist/adapters/mysql/tools/spatial/geometry.d.ts.map +1 -1
package/dist/adapters/mysql/tools/spatial/geometry.js +19 -5
package/dist/adapters/mysql/tools/spatial/geometry.js.map +1 -1
package/dist/adapters/mysql/tools/spatial/operations.d.ts.map +1 -1
package/dist/adapters/mysql/tools/spatial/operations.js +42 -17
package/dist/adapters/mysql/tools/spatial/operations.js.map +1 -1
package/dist/adapters/mysql/tools/spatial/queries.d.ts.map +1 -1
package/dist/adapters/mysql/tools/spatial/queries.js +109 -57
package/dist/adapters/mysql/tools/spatial/queries.js.map +1 -1
package/dist/adapters/mysql/tools/spatial/setup.d.ts.map +1 -1
package/dist/adapters/mysql/tools/spatial/setup.js +103 -50
package/dist/adapters/mysql/tools/spatial/setup.js.map +1 -1
package/dist/adapters/mysql/tools/stats/comparative.d.ts.map +1 -1
package/dist/adapters/mysql/tools/stats/comparative.js +128 -79
package/dist/adapters/mysql/tools/stats/comparative.js.map +1 -1
package/dist/adapters/mysql/tools/stats/descriptive.d.ts.map +1 -1
package/dist/adapters/mysql/tools/stats/descriptive.js +174 -102
package/dist/adapters/mysql/tools/stats/descriptive.js.map +1 -1
package/dist/adapters/mysql/tools/sysschema/activity.d.ts.map +1 -1
package/dist/adapters/mysql/tools/sysschema/activity.js +50 -25
package/dist/adapters/mysql/tools/sysschema/activity.js.map +1 -1
package/dist/adapters/mysql/tools/sysschema/performance.d.ts.map +1 -1
package/dist/adapters/mysql/tools/sysschema/performance.js +121 -66
package/dist/adapters/mysql/tools/sysschema/performance.js.map +1 -1
package/dist/adapters/mysql/tools/sysschema/resources.d.ts.map +1 -1
package/dist/adapters/mysql/tools/sysschema/resources.js +101 -64
package/dist/adapters/mysql/tools/sysschema/resources.js.map +1 -1
package/dist/adapters/mysql/tools/text/fulltext.d.ts.map +1 -1
package/dist/adapters/mysql/tools/text/fulltext.js +18 -32
package/dist/adapters/mysql/tools/text/fulltext.js.map +1 -1
package/dist/adapters/mysql/tools/transactions.d.ts.map +1 -1
package/dist/adapters/mysql/tools/transactions.js +48 -23
package/dist/adapters/mysql/tools/transactions.js.map +1 -1
package/dist/adapters/mysql/types/proxysql-types.d.ts +15 -0
package/dist/adapters/mysql/types/proxysql-types.d.ts.map +1 -1
package/dist/adapters/mysql/types/proxysql-types.js +33 -1
package/dist/adapters/mysql/types/proxysql-types.js.map +1 -1
package/dist/adapters/mysql/types/router-types.d.ts +1 -1
package/dist/adapters/mysql/types/router-types.js +1 -1
package/dist/adapters/mysql/types/router-types.js.map +1 -1
package/dist/adapters/mysql/types/shell-types.js +2 -2
package/dist/adapters/mysql/types/shell-types.js.map +1 -1
package/dist/adapters/mysql/types.d.ts +485 -21
package/dist/adapters/mysql/types.d.ts.map +1 -1
package/dist/adapters/mysql/types.js +546 -19
package/dist/adapters/mysql/types.js.map +1 -1
package/dist/auth/scopes.js +1 -1
package/dist/auth/scopes.js.map +1 -1
package/dist/codemode/api.d.ts +3 -2
package/dist/codemode/api.d.ts.map +1 -1
package/dist/codemode/api.js +80 -5
package/dist/codemode/api.js.map +1 -1
package/dist/codemode/sandbox-factory.js +1 -1
package/dist/codemode/sandbox-factory.js.map +1 -1
package/dist/codemode/types.d.ts +26 -0
package/dist/codemode/types.d.ts.map +1 -1
package/dist/codemode/types.js +2 -0
package/dist/codemode/types.js.map +1 -1
package/dist/codemode/worker-sandbox.d.ts +4 -2
package/dist/codemode/worker-sandbox.d.ts.map +1 -1
package/dist/codemode/worker-sandbox.js +66 -7
package/dist/codemode/worker-sandbox.js.map +1 -1
package/dist/codemode/worker-script.d.ts +3 -0
package/dist/codemode/worker-script.d.ts.map +1 -1
package/dist/codemode/worker-script.js +128 -75
package/dist/codemode/worker-script.js.map +1 -1
package/dist/constants/ServerInstructions.d.ts +1 -1
package/dist/constants/ServerInstructions.d.ts.map +1 -1
package/dist/constants/ServerInstructions.js +37 -31
package/dist/constants/ServerInstructions.js.map +1 -1
package/dist/filtering/ToolConstants.d.ts +1 -1
package/dist/filtering/ToolConstants.d.ts.map +1 -1
package/dist/filtering/ToolConstants.js +1 -2
package/dist/filtering/ToolConstants.js.map +1 -1
package/dist/pool/ConnectionPool.d.ts.map +1 -1
package/dist/pool/ConnectionPool.js.map +1 -1
package/dist/transports/http.d.ts.map +1 -1
package/dist/transports/http.js +6 -0
package/dist/transports/http.js.map +1 -1
package/dist/utils/validators.d.ts +1 -1
package/dist/utils/validators.d.ts.map +1 -1
package/dist/utils/validators.js.map +1 -1
package/package.json +4 -4
package/releases/v2.3.0-release-notes.md +20 -20
package/releases/v2.3.1-release-notes.md +34 -0
package/releases/v3.0.0-release-notes.md +81 -0
package/src/__tests__/mocks/adapter.ts +3 -0
package/src/__tests__/perf.test.ts +6 -6
package/src/adapters/DatabaseAdapter.ts +58 -9
package/src/adapters/__tests__/DatabaseAdapter.test.ts +89 -8
package/src/adapters/mysql/MySQLAdapter.ts +17 -2
package/src/adapters/mysql/SchemaManager.ts +21 -21
package/src/adapters/mysql/__tests__/MySQLAdapter.test.ts +1 -1
package/src/adapters/mysql/prompts/index.ts +12 -22
package/src/adapters/mysql/prompts/proxysqlSetup.ts +1 -1
package/src/adapters/mysql/resources/docstore.ts +13 -10
package/src/adapters/mysql/resources/events.ts +12 -12
package/src/adapters/mysql/resources/indexes.ts +17 -19
package/src/adapters/mysql/resources/innodb.ts +23 -22
package/src/adapters/mysql/resources/locks.ts +9 -7
package/src/adapters/mysql/resources/performance.ts +23 -18
package/src/adapters/mysql/resources/spatial.ts +9 -7
package/src/adapters/mysql/resources/sysschema.ts +12 -11
package/src/adapters/mysql/tools/__tests__/core.test.ts +126 -55
package/src/adapters/mysql/tools/__tests__/docstore.test.ts +459 -88
package/src/adapters/mysql/tools/__tests__/events.test.ts +281 -103
package/src/adapters/mysql/tools/__tests__/proxysql.test.ts +128 -28
package/src/adapters/mysql/tools/__tests__/replication.test.ts +48 -2
package/src/adapters/mysql/tools/__tests__/roles.test.ts +15 -18
package/src/adapters/mysql/tools/__tests__/router.test.ts +32 -5
package/src/adapters/mysql/tools/__tests__/security.test.ts +126 -2
package/src/adapters/mysql/tools/__tests__/security_injection.test.ts +84 -76
package/src/adapters/mysql/tools/__tests__/security_integration.test.ts +47 -50
package/src/adapters/mysql/tools/__tests__/spatial.test.ts +11 -10
package/src/adapters/mysql/tools/__tests__/spatial_handler.test.ts +54 -38
package/src/adapters/mysql/tools/__tests__/stats.test.ts +285 -152
package/src/adapters/mysql/tools/__tests__/transactions.test.ts +13 -13
package/src/adapters/mysql/tools/admin/__tests__/backup.test.ts +171 -25
package/src/adapters/mysql/tools/admin/__tests__/maintenance.test.ts +240 -4
package/src/adapters/mysql/tools/admin/__tests__/monitoring-summary.test.ts +274 -0
package/src/adapters/mysql/tools/admin/__tests__/monitoring.test.ts +94 -5
package/src/adapters/mysql/tools/admin/backup.ts +193 -143
package/src/adapters/mysql/tools/admin/maintenance.ts +118 -69
package/src/adapters/mysql/tools/admin/monitoring.ts +201 -125
package/src/adapters/mysql/tools/cluster/__tests__/group-replication.test.ts +69 -0
package/src/adapters/mysql/tools/cluster/__tests__/innodb-cluster.test.ts +141 -0
package/src/adapters/mysql/tools/cluster/group-replication.ts +172 -132
package/src/adapters/mysql/tools/cluster/innodb-cluster.ts +231 -157
package/src/adapters/mysql/tools/codemode/__tests__/codemode-tool.test.ts +227 -0
package/src/adapters/mysql/tools/codemode/index.ts +5 -3
package/src/adapters/mysql/tools/core.ts +152 -38
package/src/adapters/mysql/tools/docstore.ts +422 -205
package/src/adapters/mysql/tools/events.ts +334 -233
package/src/adapters/mysql/tools/json/__tests__/core.test.ts +20 -0
package/src/adapters/mysql/tools/json/__tests__/enhanced.test.ts +82 -50
package/src/adapters/mysql/tools/json/__tests__/helpers.test.ts +42 -3
package/src/adapters/mysql/tools/json/core.ts +21 -42
package/src/adapters/mysql/tools/json/enhanced.ts +22 -37
package/src/adapters/mysql/tools/json/helpers.ts +21 -25
package/src/adapters/mysql/tools/partitioning.ts +3 -0
package/src/adapters/mysql/tools/performance/__tests__/analysis.test.ts +98 -5
package/src/adapters/mysql/tools/performance/__tests__/optimization-coverage.test.ts +515 -0
package/src/adapters/mysql/tools/performance/__tests__/optimization.test.ts +187 -0
package/src/adapters/mysql/tools/performance/analysis.ts +95 -69
package/src/adapters/mysql/tools/performance/optimization.ts +182 -153
package/src/adapters/mysql/tools/proxysql.ts +314 -209
package/src/adapters/mysql/tools/replication.ts +84 -57
package/src/adapters/mysql/tools/roles.ts +274 -226
package/src/adapters/mysql/tools/router.ts +181 -85
package/src/adapters/mysql/tools/schema/__tests__/constraints.test.ts +13 -0
package/src/adapters/mysql/tools/schema/__tests__/management.test.ts +60 -25
package/src/adapters/mysql/tools/schema/__tests__/scheduled_events.test.ts +11 -0
package/src/adapters/mysql/tools/schema/__tests__/triggers.test.ts +25 -4
package/src/adapters/mysql/tools/schema/__tests__/views.test.ts +46 -14
package/src/adapters/mysql/tools/schema/constraints.ts +22 -3
package/src/adapters/mysql/tools/schema/management.ts +60 -15
package/src/adapters/mysql/tools/schema/routines.ts +26 -4
package/src/adapters/mysql/tools/schema/scheduled_events.ts +25 -3
package/src/adapters/mysql/tools/schema/triggers.ts +27 -2
package/src/adapters/mysql/tools/schema/views.ts +46 -8
package/src/adapters/mysql/tools/security/__tests__/audit.test.ts +90 -4
package/src/adapters/mysql/tools/security/audit.ts +113 -39
package/src/adapters/mysql/tools/security/data-protection.ts +293 -233
package/src/adapters/mysql/tools/security/encryption.ts +172 -139
package/src/adapters/mysql/tools/shell/__tests__/backup.test.ts +29 -0
package/src/adapters/mysql/tools/shell/backup.ts +90 -73
package/src/adapters/mysql/tools/shell/restore.ts +62 -48
package/src/adapters/mysql/tools/spatial/__tests__/operations.test.ts +22 -14
package/src/adapters/mysql/tools/spatial/__tests__/queries.test.ts +65 -51
package/src/adapters/mysql/tools/spatial/geometry.ts +23 -7
package/src/adapters/mysql/tools/spatial/operations.ts +60 -31
package/src/adapters/mysql/tools/spatial/queries.ts +142 -65
package/src/adapters/mysql/tools/spatial/setup.ts +121 -55
package/src/adapters/mysql/tools/stats/__tests__/comparative.test.ts +12 -10
package/src/adapters/mysql/tools/stats/comparative.ts +150 -98
package/src/adapters/mysql/tools/stats/descriptive.ts +204 -127
package/src/adapters/mysql/tools/sysschema/__tests__/error-paths.test.ts +222 -0
package/src/adapters/mysql/tools/sysschema/__tests__/performance.test.ts +45 -0
package/src/adapters/mysql/tools/sysschema/__tests__/resources.test.ts +6 -3
package/src/adapters/mysql/tools/sysschema/activity.ts +52 -27
package/src/adapters/mysql/tools/sysschema/performance.ts +132 -68
package/src/adapters/mysql/tools/sysschema/resources.ts +105 -67
package/src/adapters/mysql/tools/text/__tests__/fulltext.test.ts +45 -17
package/src/adapters/mysql/tools/text/fulltext.ts +27 -38
package/src/adapters/mysql/tools/transactions.ts +49 -24
package/src/adapters/mysql/types/proxysql-types.ts +38 -1
package/src/adapters/mysql/types/router-types.ts +1 -1
package/src/adapters/mysql/types/shell-types.ts +2 -2
package/src/adapters/mysql/types.ts +632 -19
package/src/auth/__tests__/scopes.test.ts +2 -2
package/src/auth/scopes.ts +1 -1
package/src/codemode/__tests__/api.test.ts +417 -0
package/src/codemode/__tests__/sandbox-factory.test.ts +158 -0
package/src/codemode/__tests__/sandbox.test.ts +301 -0
package/src/codemode/__tests__/security.test.ts +368 -0
package/src/codemode/__tests__/worker-sandbox.test.ts +179 -0
package/src/codemode/__tests__/worker-script.test.ts +226 -0
package/src/codemode/api.ts +89 -5
package/src/codemode/sandbox-factory.ts +1 -1
package/src/codemode/types.ts +34 -0
package/src/codemode/worker-sandbox.ts +74 -7
package/src/codemode/worker-script.ts +157 -86
package/src/constants/ServerInstructions.ts +37 -31
package/src/filtering/ToolConstants.ts +1 -2
package/src/filtering/__tests__/ToolFilter.test.ts +9 -9
package/src/pool/ConnectionPool.ts +4 -1
package/src/transports/__tests__/http.test.ts +15 -3
package/src/transports/http.ts +12 -0
package/src/utils/validators.ts +2 -1
package/vitest.config.ts +3 -1
package/CODE_MODE.md +0 -245

package/src/codemode/__tests__/sandbox.test.ts ADDED Viewed

@@ -0,0 +1,301 @@
+/**
+ * mysql-mcp - Code Mode Sandbox Unit Tests
+ *
+ * Tests for CodeModeSandbox (vm-based) and SandboxPool.
+ * Uses real Node.js vm module for sandbox execution.
+ */
+import { describe, it, expect, vi, beforeEach, afterEach } from "vitest";
+import { CodeModeSandbox, SandboxPool } from "../sandbox.js";
+// Suppress logger
+vi.mock("../../utils/logger.js", () => ({
+  logger: { info: vi.fn(), warning: vi.fn(), error: vi.fn() },
+}));
+describe("CodeModeSandbox", () => {
+  let sandbox: CodeModeSandbox;
+  beforeEach(() => {
+    sandbox = CodeModeSandbox.create({
+      memoryLimitMb: 64,
+      timeoutMs: 5000,
+      cpuLimitMs: 5000,
+    });
+  });
+  afterEach(() => {
+    sandbox.dispose();
+  });
+  // ===========================================================================
+  // Creation
+  // ===========================================================================
+  describe("create", () => {
+    it("should create a sandbox with default options", () => {
+      const s = CodeModeSandbox.create();
+      expect(s).toBeDefined();
+      expect(s.isHealthy()).toBe(true);
+      s.dispose();
+    });
+    it("should create a sandbox with custom options", () => {
+      expect(sandbox).toBeDefined();
+      expect(sandbox.isHealthy()).toBe(true);
+    });
+  });
+  // ===========================================================================
+  // Execution
+  // ===========================================================================
+  describe("execute", () => {
+    it("should execute simple code and return result", async () => {
+      const result = await sandbox.execute("return 42", {});
+      expect(result.success).toBe(true);
+      expect(result.result).toBe(42);
+      expect(result.metrics.wallTimeMs).toBeGreaterThanOrEqual(0);
+    });
+    it("should provide access to api bindings", async () => {
+      const mockApi = {
+        core: {
+          readQuery: vi
+            .fn()
+            .mockResolvedValue({ rows: [{ id: 1 }], rowsAffected: 0 }),
+        },
+      };
+      const result = await sandbox.execute(
+        "return await mysql.core.readQuery('SELECT 1')",
+        mockApi,
+      );
+      expect(result.success).toBe(true);
+      expect(mockApi.core.readQuery).toHaveBeenCalledWith("SELECT 1");
+    });
+    it("should capture console output", async () => {
+      await sandbox.execute(
+        'console.log("hello"); console.warn("warning")',
+        {},
+      );
+      const output = sandbox.getConsoleOutput();
+      expect(output.some((line: string) => line.includes("hello"))).toBe(true);
+      expect(output.some((line: string) => line.includes("warning"))).toBe(
+        true,
+      );
+    });
+    it("should handle code errors gracefully", async () => {
+      const result = await sandbox.execute("throw new Error('test error')", {});
+      expect(result.success).toBe(false);
+      expect(result.error).toContain("test error");
+    });
+    it("should handle syntax errors", async () => {
+      const result = await sandbox.execute("const x = {{{", {});
+      expect(result.success).toBe(false);
+      expect(result.error).toBeTruthy();
+    });
+    it("should handle async code", async () => {
+      const result = await sandbox.execute(
+        "const val = await Promise.resolve(99); return val",
+        {},
+      );
+      expect(result.success).toBe(true);
+      expect(result.result).toBe(99);
+    });
+    it("should fail on disposed sandbox", async () => {
+      sandbox.dispose();
+      const result = await sandbox.execute("return 1", {});
+      expect(result.success).toBe(false);
+      expect(result.error).toContain("disposed");
+    });
+    it("should include execution metrics", async () => {
+      const result = await sandbox.execute("return 1", {});
+      expect(result.metrics).toBeDefined();
+      expect(result.metrics.wallTimeMs).toBeGreaterThanOrEqual(0);
+      expect(result.metrics.memoryUsedMb).toBeGreaterThanOrEqual(0);
+    });
+    it("should handle console.error and console.info", async () => {
+      await sandbox.execute('console.error("err"); console.info("inf")', {});
+      const output = sandbox.getConsoleOutput();
+      expect(output.some((line: string) => line.includes("err"))).toBe(true);
+      expect(output.some((line: string) => line.includes("inf"))).toBe(true);
+    });
+  });
+  // ===========================================================================
+  // calculateMetrics
+  // ===========================================================================
+  describe("calculateMetrics", () => {
+    it("should calculate correct metrics", () => {
+      const metrics = sandbox.calculateMetrics(0, 100, 1000, 2000);
+      expect(metrics.wallTimeMs).toBe(100);
+      expect(metrics.memoryUsedMb).toBeGreaterThanOrEqual(0);
+    });
+  });
+  // ===========================================================================
+  // Console output management
+  // ===========================================================================
+  describe("getConsoleOutput / clearConsoleOutput", () => {
+    it("should return empty array initially", () => {
+      expect(sandbox.getConsoleOutput()).toHaveLength(0);
+    });
+    it("should clear console output", async () => {
+      await sandbox.execute('console.log("test")', {});
+      expect(sandbox.getConsoleOutput().length).toBeGreaterThan(0);
+      sandbox.clearConsoleOutput();
+      expect(sandbox.getConsoleOutput()).toHaveLength(0);
+    });
+  });
+  // ===========================================================================
+  // Health and disposal
+  // ===========================================================================
+  describe("isHealthy / dispose", () => {
+    it("should be healthy after creation", () => {
+      expect(sandbox.isHealthy()).toBe(true);
+    });
+    it("should be unhealthy after dispose", () => {
+      sandbox.dispose();
+      expect(sandbox.isHealthy()).toBe(false);
+    });
+    it("should handle multiple dispose calls", () => {
+      sandbox.dispose();
+      sandbox.dispose(); // Should not throw
+      expect(sandbox.isHealthy()).toBe(false);
+    });
+  });
+});
+// =============================================================================
+// SandboxPool
+// =============================================================================
+describe("SandboxPool", () => {
+  let pool: SandboxPool;
+  beforeEach(() => {
+    pool = new SandboxPool(
+      { minInstances: 0, maxInstances: 3, idleTimeoutMs: 1000 },
+      { memoryLimitMb: 64, timeoutMs: 5000, cpuLimitMs: 5000 },
+    );
+  });
+  afterEach(() => {
+    pool.dispose();
+  });
+  describe("initialize", () => {
+    it("should initialize without error", () => {
+      pool.initialize();
+      const stats = pool.getStats();
+      expect(stats.max).toBe(3);
+    });
+    it("should pre-warm minimum instances", () => {
+      const warmPool = new SandboxPool(
+        { minInstances: 2, maxInstances: 5, idleTimeoutMs: 1000 },
+        { memoryLimitMb: 64, timeoutMs: 5000, cpuLimitMs: 5000 },
+      );
+      warmPool.initialize();
+      expect(warmPool.getStats().available).toBe(2);
+      warmPool.dispose();
+    });
+  });
+  describe("acquire / release", () => {
+    it("should acquire and release sandboxes", () => {
+      pool.initialize();
+      const s = pool.acquire();
+      expect(s).toBeDefined();
+      expect(s.isHealthy()).toBe(true);
+      pool.release(s);
+    });
+    it("should track in-use count", () => {
+      pool.initialize();
+      const s = pool.acquire();
+      expect(pool.getStats().inUse).toBe(1);
+      pool.release(s);
+      expect(pool.getStats().inUse).toBe(0);
+    });
+    it("should throw when pool is exhausted", () => {
+      pool.initialize();
+      const acquired: CodeModeSandbox[] = [];
+      for (let i = 0; i < 3; i++) {
+        acquired.push(pool.acquire());
+      }
+      expect(() => pool.acquire()).toThrow();
+      for (const s of acquired) pool.release(s);
+    });
+    it("should dispose unhealthy sandbox on release", () => {
+      pool.initialize();
+      const s = pool.acquire();
+      s.dispose(); // Make it unhealthy
+      pool.release(s);
+      expect(pool.getStats().available).toBe(0);
+    });
+  });
+  describe("execute", () => {
+    it("should execute code using pooled sandbox", async () => {
+      pool.initialize();
+      const result = await pool.execute("return 42", {});
+      expect(result.success).toBe(true);
+      expect(result.result).toBe(42);
+    });
+    it("should handle execution errors", async () => {
+      pool.initialize();
+      const result = await pool.execute("throw new Error('pool error')", {});
+      expect(result.success).toBe(false);
+      expect(result.error).toContain("pool error");
+    });
+  });
+  describe("cleanup", () => {
+    it("should clean up idle sandboxes", () => {
+      pool.initialize();
+      // Acquire and release to create idle sandbox
+      const s = pool.acquire();
+      pool.release(s);
+      expect(pool.getStats().available).toBeGreaterThan(0);
+      // Advance time past idle timeout
+      vi.useFakeTimers();
+      vi.advanceTimersByTime(2000);
+      pool.cleanup();
+      vi.useRealTimers();
+    });
+  });
+  describe("getStats", () => {
+    it("should return correct stats", () => {
+      pool.initialize();
+      const stats = pool.getStats();
+      expect(stats).toHaveProperty("available");
+      expect(stats).toHaveProperty("inUse");
+      expect(stats).toHaveProperty("max");
+      expect(stats.max).toBe(3);
+    });
+  });
+  describe("dispose", () => {
+    it("should dispose all sandboxes", () => {
+      pool.initialize();
+      const s = pool.acquire();
+      pool.release(s);
+      pool.dispose();
+      expect(pool.getStats().available).toBe(0);
+    });
+  });
+});

package/src/codemode/__tests__/security.test.ts ADDED Viewed

@@ -0,0 +1,368 @@
+/**
+ * mysql-mcp - Code Mode Security Unit Tests
+ *
+ * Tests for CodeModeSecurityManager: validation, rate limiting,
+ * result sanitization, audit logging, and cleanup.
+ */
+import { describe, it, expect, vi, beforeEach } from "vitest";
+import { CodeModeSecurityManager } from "../security.js";
+import type { SandboxResult } from "../types.js";
+// Suppress logger output
+vi.mock("../../utils/logger.js", () => ({
+  logger: {
+    info: vi.fn(),
+    warning: vi.fn(),
+    error: vi.fn(),
+  },
+}));
+describe("CodeModeSecurityManager", () => {
+  let manager: CodeModeSecurityManager;
+  beforeEach(() => {
+    vi.clearAllMocks();
+    manager = new CodeModeSecurityManager();
+  });
+  // ===========================================================================
+  // validateCode
+  // ===========================================================================
+  describe("validateCode", () => {
+    it("should accept valid code", () => {
+      const result = manager.validateCode(
+        'const x = await mysql.core.readQuery("SELECT 1")',
+      );
+      expect(result.valid).toBe(true);
+      expect(result.errors).toHaveLength(0);
+    });
+    it("should reject empty string", () => {
+      const result = manager.validateCode("");
+      expect(result.valid).toBe(false);
+      expect(result.errors[0]).toContain("non-empty string");
+    });
+    it("should reject non-string input", () => {
+      const result = manager.validateCode(null as unknown as string);
+      expect(result.valid).toBe(false);
+      expect(result.errors[0]).toContain("non-empty string");
+    });
+    it("should reject code exceeding max length", () => {
+      const longCode = "x".repeat(100_000);
+      const result = manager.validateCode(longCode);
+      expect(result.valid).toBe(false);
+      expect(result.errors[0]).toContain("maximum length");
+    });
+    it("should detect require() pattern", () => {
+      const result = manager.validateCode('const fs = require("fs")');
+      expect(result.valid).toBe(false);
+      expect(result.errors.length).toBeGreaterThan(0);
+    });
+    it("should detect dynamic import()", () => {
+      const result = manager.validateCode('const m = import("child_process")');
+      expect(result.valid).toBe(false);
+    });
+    it("should detect process access", () => {
+      const result = manager.validateCode("process.exit(1)");
+      expect(result.valid).toBe(false);
+    });
+    it("should detect eval()", () => {
+      const result = manager.validateCode('eval("malicious")');
+      expect(result.valid).toBe(false);
+    });
+    it("should detect Function constructor", () => {
+      const result = manager.validateCode('new Function("return 1")');
+      expect(result.valid).toBe(false);
+    });
+    it("should detect __proto__ access", () => {
+      const result = manager.validateCode("obj.__proto__.polluted = true");
+      expect(result.valid).toBe(false);
+    });
+    it("should detect constructor.constructor chaining", () => {
+      const result = manager.validateCode(
+        '"".constructor.constructor("return this")()',
+      );
+      expect(result.valid).toBe(false);
+    });
+    it("should detect globalThis access", () => {
+      const result = manager.validateCode("globalThis.foo = 1");
+      expect(result.valid).toBe(false);
+    });
+    it("should detect child_process", () => {
+      const result = manager.validateCode("child_process.exec('ls')");
+      expect(result.valid).toBe(false);
+    });
+    it("should detect fs access", () => {
+      const result = manager.validateCode("fs.readFileSync('/etc/passwd')");
+      expect(result.valid).toBe(false);
+    });
+    it("should detect net access", () => {
+      const result = manager.validateCode("net.connect(80)");
+      expect(result.valid).toBe(false);
+    });
+    it("should detect http access", () => {
+      const result = manager.validateCode("http.get('http://evil.test')");
+      expect(result.valid).toBe(false);
+    });
+    it("should detect https access", () => {
+      const result = manager.validateCode("https.get('https://evil.test')");
+      expect(result.valid).toBe(false);
+    });
+    it("should detect bracket-notation constructor access", () => {
+      const result = manager.validateCode('x["constructor"]');
+      expect(result.valid).toBe(false);
+    });
+    it("should detect Reflect.construct", () => {
+      const result = manager.validateCode("Reflect.construct(Array, [])");
+      expect(result.valid).toBe(false);
+    });
+    it("should accumulate multiple blocked pattern errors", () => {
+      const result = manager.validateCode(
+        'require("fs"); process.exit(1); eval("x")',
+      );
+      expect(result.valid).toBe(false);
+      expect(result.errors.length).toBeGreaterThanOrEqual(3);
+    });
+    it("should respect custom maxCodeLength", () => {
+      const small = new CodeModeSecurityManager({ maxCodeLength: 10 });
+      const result = small.validateCode("a".repeat(11));
+      expect(result.valid).toBe(false);
+    });
+  });
+  // ===========================================================================
+  // checkRateLimit
+  // ===========================================================================
+  describe("checkRateLimit", () => {
+    it("should allow first request", () => {
+      expect(manager.checkRateLimit("client-1")).toBe(true);
+    });
+    it("should allow requests within limit", () => {
+      for (let i = 0; i < 59; i++) {
+        expect(manager.checkRateLimit("client-2")).toBe(true);
+      }
+    });
+    it("should block when limit exceeded", () => {
+      const smallLimit = new CodeModeSecurityManager({
+        maxExecutionsPerMinute: 3,
+      });
+      expect(smallLimit.checkRateLimit("c")).toBe(true);
+      expect(smallLimit.checkRateLimit("c")).toBe(true);
+      expect(smallLimit.checkRateLimit("c")).toBe(true);
+      expect(smallLimit.checkRateLimit("c")).toBe(false);
+    });
+    it("should reset after window expires", () => {
+      const smallLimit = new CodeModeSecurityManager({
+        maxExecutionsPerMinute: 1,
+      });
+      expect(smallLimit.checkRateLimit("c")).toBe(true);
+      expect(smallLimit.checkRateLimit("c")).toBe(false);
+      // Simulate time passage by manipulating the internal map
+      vi.useFakeTimers();
+      vi.advanceTimersByTime(61_000);
+      expect(smallLimit.checkRateLimit("c")).toBe(true);
+      vi.useRealTimers();
+    });
+    it("should track clients independently", () => {
+      const smallLimit = new CodeModeSecurityManager({
+        maxExecutionsPerMinute: 1,
+      });
+      expect(smallLimit.checkRateLimit("a")).toBe(true);
+      expect(smallLimit.checkRateLimit("a")).toBe(false);
+      expect(smallLimit.checkRateLimit("b")).toBe(true);
+    });
+  });
+  // ===========================================================================
+  // getRateLimitRemaining
+  // ===========================================================================
+  describe("getRateLimitRemaining", () => {
+    it("should return full limit for unknown client", () => {
+      expect(manager.getRateLimitRemaining("unknown")).toBe(60);
+    });
+    it("should decrease after requests", () => {
+      manager.checkRateLimit("client");
+      expect(manager.getRateLimitRemaining("client")).toBe(59);
+    });
+    it("should return 0 when exhausted", () => {
+      const small = new CodeModeSecurityManager({
+        maxExecutionsPerMinute: 2,
+      });
+      small.checkRateLimit("c");
+      small.checkRateLimit("c");
+      expect(small.getRateLimitRemaining("c")).toBe(0);
+    });
+    it("should return full limit after window expires", () => {
+      manager.checkRateLimit("client");
+      vi.useFakeTimers();
+      vi.advanceTimersByTime(61_000);
+      expect(manager.getRateLimitRemaining("client")).toBe(60);
+      vi.useRealTimers();
+    });
+  });
+  // ===========================================================================
+  // sanitizeResult
+  // ===========================================================================
+  describe("sanitizeResult", () => {
+    it("should pass through small results", () => {
+      const input = { foo: "bar" };
+      expect(manager.sanitizeResult(input)).toEqual(input);
+    });
+    it("should truncate oversized results", () => {
+      const small = new CodeModeSecurityManager({ maxResultSize: 10 });
+      const result = small.sanitizeResult({ data: "a".repeat(100) }) as {
+        _truncated: boolean;
+      };
+      expect(result._truncated).toBe(true);
+    });
+    it("should handle non-serializable results", () => {
+      const circular: Record<string, unknown> = {};
+      circular.self = circular;
+      const result = manager.sanitizeResult(circular) as {
+        _error: string;
+      };
+      expect(result._error).toContain("could not be serialized");
+    });
+  });
+  // ===========================================================================
+  // auditLog
+  // ===========================================================================
+  describe("auditLog", () => {
+    const makeResult = (success: boolean): SandboxResult => ({
+      success,
+      result: success ? "ok" : undefined,
+      error: success ? undefined : "test error",
+      stack: success ? undefined : "Error: test error\n  at line 1",
+      metrics: { wallTimeMs: 10, cpuTimeMs: 5, memoryUsedMb: 1 },
+    });
+    it("should log successful executions", async () => {
+      const { logger } = await import("../../utils/logger.js");
+      const record = manager.createExecutionRecord(
+        "const x = 1",
+        makeResult(true),
+        false,
+        "client-1",
+      );
+      manager.auditLog(record);
+      expect(logger.info).toHaveBeenCalled();
+    });
+    it("should log failed executions with warning", async () => {
+      const { logger } = await import("../../utils/logger.js");
+      const record = manager.createExecutionRecord(
+        "bad code",
+        makeResult(false),
+        true,
+      );
+      manager.auditLog(record);
+      expect(logger.warning).toHaveBeenCalled();
+    });
+  });
+  // ===========================================================================
+  // createExecutionRecord
+  // ===========================================================================
+  describe("createExecutionRecord", () => {
+    it("should create record with correct fields", () => {
+      const result: SandboxResult = {
+        success: true,
+        result: 42,
+        metrics: { wallTimeMs: 10, cpuTimeMs: 5, memoryUsedMb: 1 },
+      };
+      const record = manager.createExecutionRecord(
+        "const x = 1",
+        result,
+        false,
+        "client-1",
+      );
+      expect(record.id).toBeTruthy();
+      expect(record.clientId).toBe("client-1");
+      expect(record.timestamp).toBeInstanceOf(Date);
+      expect(record.codePreview).toBe("const x = 1");
+      expect(record.result).toEqual(result);
+      expect(record.readonly).toBe(false);
+    });
+    it("should truncate long code in preview", () => {
+      const longCode = "x".repeat(300);
+      const result: SandboxResult = {
+        success: true,
+        metrics: { wallTimeMs: 0, cpuTimeMs: 0, memoryUsedMb: 0 },
+      };
+      const record = manager.createExecutionRecord(longCode, result, true);
+      expect(record.codePreview.length).toBeLessThan(longCode.length);
+      expect(record.codePreview).toContain("...");
+    });
+    it("should handle undefined clientId", () => {
+      const result: SandboxResult = {
+        success: true,
+        metrics: { wallTimeMs: 0, cpuTimeMs: 0, memoryUsedMb: 0 },
+      };
+      const record = manager.createExecutionRecord("x", result, false);
+      expect(record.clientId).toBeUndefined();
+    });
+  });
+  // ===========================================================================
+  // cleanupRateLimits
+  // ===========================================================================
+  describe("cleanupRateLimits", () => {
+    it("should remove expired entries", () => {
+      const small = new CodeModeSecurityManager({
+        maxExecutionsPerMinute: 1,
+      });
+      small.checkRateLimit("client-old");
+      small.checkRateLimit("client-old"); // blocked
+      vi.useFakeTimers();
+      vi.advanceTimersByTime(61_000);
+      small.cleanupRateLimits();
+      // After cleanup, should have full limit again
+      expect(small.getRateLimitRemaining("client-old")).toBe(1);
+      vi.useRealTimers();
+    });
+    it("should keep active entries", () => {
+      manager.checkRateLimit("active");
+      manager.cleanupRateLimits();
+      expect(manager.getRateLimitRemaining("active")).toBe(59);
+    });
+  });
+});