npm - @neverinfamous/mysql-mcp - Versions diffs - 2.3.0 → 3.0.0 - Mend

@neverinfamous/mysql-mcp 2.3.0 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (347) hide show

package/.dockerignore +1 -0
package/.gitattributes +18 -0
package/.github/workflows/codeql.yml +2 -10
package/.github/workflows/docker-publish.yml +15 -13
package/CHANGELOG.md +287 -1
package/DOCKER_README.md +100 -265
package/Dockerfile +5 -0
package/README.md +124 -59
package/VERSION +1 -1
package/dist/__tests__/mocks/adapter.d.ts.map +1 -1
package/dist/__tests__/mocks/adapter.js +2 -0
package/dist/__tests__/mocks/adapter.js.map +1 -1
package/dist/adapters/DatabaseAdapter.d.ts.map +1 -1
package/dist/adapters/DatabaseAdapter.js +50 -9
package/dist/adapters/DatabaseAdapter.js.map +1 -1
package/dist/adapters/mysql/MySQLAdapter.d.ts +6 -0
package/dist/adapters/mysql/MySQLAdapter.d.ts.map +1 -1
package/dist/adapters/mysql/MySQLAdapter.js +8 -0
package/dist/adapters/mysql/MySQLAdapter.js.map +1 -1
package/dist/adapters/mysql/SchemaManager.js +16 -15
package/dist/adapters/mysql/SchemaManager.js.map +1 -1
package/dist/adapters/mysql/prompts/index.js +10 -20
package/dist/adapters/mysql/prompts/index.js.map +1 -1
package/dist/adapters/mysql/prompts/proxysqlSetup.js +1 -1
package/dist/adapters/mysql/resources/docstore.d.ts.map +1 -1
package/dist/adapters/mysql/resources/docstore.js +10 -7
package/dist/adapters/mysql/resources/docstore.js.map +1 -1
package/dist/adapters/mysql/resources/events.js +11 -8
package/dist/adapters/mysql/resources/events.js.map +1 -1
package/dist/adapters/mysql/resources/indexes.d.ts.map +1 -1
package/dist/adapters/mysql/resources/indexes.js +12 -15
package/dist/adapters/mysql/resources/indexes.js.map +1 -1
package/dist/adapters/mysql/resources/innodb.d.ts.map +1 -1
package/dist/adapters/mysql/resources/innodb.js +20 -17
package/dist/adapters/mysql/resources/innodb.js.map +1 -1
package/dist/adapters/mysql/resources/locks.d.ts.map +1 -1
package/dist/adapters/mysql/resources/locks.js +9 -6
package/dist/adapters/mysql/resources/locks.js.map +1 -1
package/dist/adapters/mysql/resources/performance.d.ts.map +1 -1
package/dist/adapters/mysql/resources/performance.js +15 -15
package/dist/adapters/mysql/resources/performance.js.map +1 -1
package/dist/adapters/mysql/resources/spatial.d.ts.map +1 -1
package/dist/adapters/mysql/resources/spatial.js +9 -6
package/dist/adapters/mysql/resources/spatial.js.map +1 -1
package/dist/adapters/mysql/resources/sysschema.d.ts.map +1 -1
package/dist/adapters/mysql/resources/sysschema.js +12 -9
package/dist/adapters/mysql/resources/sysschema.js.map +1 -1
package/dist/adapters/mysql/tools/admin/backup.d.ts.map +1 -1
package/dist/adapters/mysql/tools/admin/backup.js +170 -121
package/dist/adapters/mysql/tools/admin/backup.js.map +1 -1
package/dist/adapters/mysql/tools/admin/maintenance.d.ts.map +1 -1
package/dist/adapters/mysql/tools/admin/maintenance.js +106 -57
package/dist/adapters/mysql/tools/admin/maintenance.js.map +1 -1
package/dist/adapters/mysql/tools/admin/monitoring.d.ts.map +1 -1
package/dist/adapters/mysql/tools/admin/monitoring.js +183 -101
package/dist/adapters/mysql/tools/admin/monitoring.js.map +1 -1
package/dist/adapters/mysql/tools/cluster/group-replication.d.ts.map +1 -1
package/dist/adapters/mysql/tools/cluster/group-replication.js +164 -120
package/dist/adapters/mysql/tools/cluster/group-replication.js.map +1 -1
package/dist/adapters/mysql/tools/cluster/innodb-cluster.d.ts.map +1 -1
package/dist/adapters/mysql/tools/cluster/innodb-cluster.js +212 -145
package/dist/adapters/mysql/tools/cluster/innodb-cluster.js.map +1 -1
package/dist/adapters/mysql/tools/codemode/index.d.ts.map +1 -1
package/dist/adapters/mysql/tools/codemode/index.js +6 -4
package/dist/adapters/mysql/tools/codemode/index.js.map +1 -1
package/dist/adapters/mysql/tools/core.d.ts.map +1 -1
package/dist/adapters/mysql/tools/core.js +152 -29
package/dist/adapters/mysql/tools/core.js.map +1 -1
package/dist/adapters/mysql/tools/docstore.d.ts.map +1 -1
package/dist/adapters/mysql/tools/docstore.js +340 -163
package/dist/adapters/mysql/tools/docstore.js.map +1 -1
package/dist/adapters/mysql/tools/events.d.ts.map +1 -1
package/dist/adapters/mysql/tools/events.js +284 -198
package/dist/adapters/mysql/tools/events.js.map +1 -1
package/dist/adapters/mysql/tools/json/core.d.ts.map +1 -1
package/dist/adapters/mysql/tools/json/core.js +11 -39
package/dist/adapters/mysql/tools/json/core.js.map +1 -1
package/dist/adapters/mysql/tools/json/enhanced.d.ts.map +1 -1
package/dist/adapters/mysql/tools/json/enhanced.js +15 -33
package/dist/adapters/mysql/tools/json/enhanced.js.map +1 -1
package/dist/adapters/mysql/tools/json/helpers.d.ts.map +1 -1
package/dist/adapters/mysql/tools/json/helpers.js +13 -24
package/dist/adapters/mysql/tools/json/helpers.js.map +1 -1
package/dist/adapters/mysql/tools/partitioning.js +3 -0
package/dist/adapters/mysql/tools/partitioning.js.map +1 -1
package/dist/adapters/mysql/tools/performance/analysis.d.ts.map +1 -1
package/dist/adapters/mysql/tools/performance/analysis.js +89 -60
package/dist/adapters/mysql/tools/performance/analysis.js.map +1 -1
package/dist/adapters/mysql/tools/performance/optimization.d.ts.map +1 -1
package/dist/adapters/mysql/tools/performance/optimization.js +151 -127
package/dist/adapters/mysql/tools/performance/optimization.js.map +1 -1
package/dist/adapters/mysql/tools/proxysql.d.ts +1 -1
package/dist/adapters/mysql/tools/proxysql.d.ts.map +1 -1
package/dist/adapters/mysql/tools/proxysql.js +289 -176
package/dist/adapters/mysql/tools/proxysql.js.map +1 -1
package/dist/adapters/mysql/tools/replication.js +75 -49
package/dist/adapters/mysql/tools/replication.js.map +1 -1
package/dist/adapters/mysql/tools/roles.d.ts.map +1 -1
package/dist/adapters/mysql/tools/roles.js +224 -182
package/dist/adapters/mysql/tools/roles.js.map +1 -1
package/dist/adapters/mysql/tools/router.d.ts.map +1 -1
package/dist/adapters/mysql/tools/router.js +168 -67
package/dist/adapters/mysql/tools/router.js.map +1 -1
package/dist/adapters/mysql/tools/schema/constraints.d.ts.map +1 -1
package/dist/adapters/mysql/tools/schema/constraints.js +21 -3
package/dist/adapters/mysql/tools/schema/constraints.js.map +1 -1
package/dist/adapters/mysql/tools/schema/management.d.ts.map +1 -1
package/dist/adapters/mysql/tools/schema/management.js +61 -14
package/dist/adapters/mysql/tools/schema/management.js.map +1 -1
package/dist/adapters/mysql/tools/schema/routines.d.ts.map +1 -1
package/dist/adapters/mysql/tools/schema/routines.js +27 -4
package/dist/adapters/mysql/tools/schema/routines.js.map +1 -1
package/dist/adapters/mysql/tools/schema/scheduled_events.d.ts.map +1 -1
package/dist/adapters/mysql/tools/schema/scheduled_events.js +24 -3
package/dist/adapters/mysql/tools/schema/scheduled_events.js.map +1 -1
package/dist/adapters/mysql/tools/schema/triggers.d.ts.map +1 -1
package/dist/adapters/mysql/tools/schema/triggers.js +23 -2
package/dist/adapters/mysql/tools/schema/triggers.js.map +1 -1
package/dist/adapters/mysql/tools/schema/views.d.ts.map +1 -1
package/dist/adapters/mysql/tools/schema/views.js +47 -7
package/dist/adapters/mysql/tools/schema/views.js.map +1 -1
package/dist/adapters/mysql/tools/security/audit.d.ts.map +1 -1
package/dist/adapters/mysql/tools/security/audit.js +102 -34
package/dist/adapters/mysql/tools/security/audit.js.map +1 -1
package/dist/adapters/mysql/tools/security/data-protection.d.ts.map +1 -1
package/dist/adapters/mysql/tools/security/data-protection.js +264 -205
package/dist/adapters/mysql/tools/security/data-protection.js.map +1 -1
package/dist/adapters/mysql/tools/security/encryption.d.ts.map +1 -1
package/dist/adapters/mysql/tools/security/encryption.js +137 -104
package/dist/adapters/mysql/tools/security/encryption.js.map +1 -1
package/dist/adapters/mysql/tools/shell/backup.d.ts.map +1 -1
package/dist/adapters/mysql/tools/shell/backup.js +71 -59
package/dist/adapters/mysql/tools/shell/backup.js.map +1 -1
package/dist/adapters/mysql/tools/shell/restore.d.ts.map +1 -1
package/dist/adapters/mysql/tools/shell/restore.js +61 -47
package/dist/adapters/mysql/tools/shell/restore.js.map +1 -1
package/dist/adapters/mysql/tools/spatial/geometry.d.ts.map +1 -1
package/dist/adapters/mysql/tools/spatial/geometry.js +19 -5
package/dist/adapters/mysql/tools/spatial/geometry.js.map +1 -1
package/dist/adapters/mysql/tools/spatial/operations.d.ts.map +1 -1
package/dist/adapters/mysql/tools/spatial/operations.js +42 -17
package/dist/adapters/mysql/tools/spatial/operations.js.map +1 -1
package/dist/adapters/mysql/tools/spatial/queries.d.ts.map +1 -1
package/dist/adapters/mysql/tools/spatial/queries.js +109 -57
package/dist/adapters/mysql/tools/spatial/queries.js.map +1 -1
package/dist/adapters/mysql/tools/spatial/setup.d.ts.map +1 -1
package/dist/adapters/mysql/tools/spatial/setup.js +103 -50
package/dist/adapters/mysql/tools/spatial/setup.js.map +1 -1
package/dist/adapters/mysql/tools/stats/comparative.d.ts.map +1 -1
package/dist/adapters/mysql/tools/stats/comparative.js +128 -79
package/dist/adapters/mysql/tools/stats/comparative.js.map +1 -1
package/dist/adapters/mysql/tools/stats/descriptive.d.ts.map +1 -1
package/dist/adapters/mysql/tools/stats/descriptive.js +174 -102
package/dist/adapters/mysql/tools/stats/descriptive.js.map +1 -1
package/dist/adapters/mysql/tools/sysschema/activity.d.ts.map +1 -1
package/dist/adapters/mysql/tools/sysschema/activity.js +50 -25
package/dist/adapters/mysql/tools/sysschema/activity.js.map +1 -1
package/dist/adapters/mysql/tools/sysschema/performance.d.ts.map +1 -1
package/dist/adapters/mysql/tools/sysschema/performance.js +121 -66
package/dist/adapters/mysql/tools/sysschema/performance.js.map +1 -1
package/dist/adapters/mysql/tools/sysschema/resources.d.ts.map +1 -1
package/dist/adapters/mysql/tools/sysschema/resources.js +101 -64
package/dist/adapters/mysql/tools/sysschema/resources.js.map +1 -1
package/dist/adapters/mysql/tools/text/fulltext.d.ts.map +1 -1
package/dist/adapters/mysql/tools/text/fulltext.js +18 -32
package/dist/adapters/mysql/tools/text/fulltext.js.map +1 -1
package/dist/adapters/mysql/tools/transactions.d.ts.map +1 -1
package/dist/adapters/mysql/tools/transactions.js +48 -23
package/dist/adapters/mysql/tools/transactions.js.map +1 -1
package/dist/adapters/mysql/types/proxysql-types.d.ts +15 -0
package/dist/adapters/mysql/types/proxysql-types.d.ts.map +1 -1
package/dist/adapters/mysql/types/proxysql-types.js +33 -1
package/dist/adapters/mysql/types/proxysql-types.js.map +1 -1
package/dist/adapters/mysql/types/router-types.d.ts +1 -1
package/dist/adapters/mysql/types/router-types.js +1 -1
package/dist/adapters/mysql/types/router-types.js.map +1 -1
package/dist/adapters/mysql/types/shell-types.js +2 -2
package/dist/adapters/mysql/types/shell-types.js.map +1 -1
package/dist/adapters/mysql/types.d.ts +485 -21
package/dist/adapters/mysql/types.d.ts.map +1 -1
package/dist/adapters/mysql/types.js +546 -19
package/dist/adapters/mysql/types.js.map +1 -1
package/dist/auth/scopes.js +1 -1
package/dist/auth/scopes.js.map +1 -1
package/dist/codemode/api.d.ts +3 -2
package/dist/codemode/api.d.ts.map +1 -1
package/dist/codemode/api.js +80 -5
package/dist/codemode/api.js.map +1 -1
package/dist/codemode/sandbox-factory.js +1 -1
package/dist/codemode/sandbox-factory.js.map +1 -1
package/dist/codemode/types.d.ts +26 -0
package/dist/codemode/types.d.ts.map +1 -1
package/dist/codemode/types.js +2 -0
package/dist/codemode/types.js.map +1 -1
package/dist/codemode/worker-sandbox.d.ts +4 -2
package/dist/codemode/worker-sandbox.d.ts.map +1 -1
package/dist/codemode/worker-sandbox.js +66 -7
package/dist/codemode/worker-sandbox.js.map +1 -1
package/dist/codemode/worker-script.d.ts +3 -0
package/dist/codemode/worker-script.d.ts.map +1 -1
package/dist/codemode/worker-script.js +128 -75
package/dist/codemode/worker-script.js.map +1 -1
package/dist/constants/ServerInstructions.d.ts +1 -1
package/dist/constants/ServerInstructions.d.ts.map +1 -1
package/dist/constants/ServerInstructions.js +37 -31
package/dist/constants/ServerInstructions.js.map +1 -1
package/dist/filtering/ToolConstants.d.ts +1 -1
package/dist/filtering/ToolConstants.d.ts.map +1 -1
package/dist/filtering/ToolConstants.js +1 -2
package/dist/filtering/ToolConstants.js.map +1 -1
package/dist/pool/ConnectionPool.d.ts.map +1 -1
package/dist/pool/ConnectionPool.js.map +1 -1
package/dist/transports/http.d.ts.map +1 -1
package/dist/transports/http.js +6 -0
package/dist/transports/http.js.map +1 -1
package/dist/utils/validators.d.ts +1 -1
package/dist/utils/validators.d.ts.map +1 -1
package/dist/utils/validators.js.map +1 -1
package/package.json +4 -4
package/releases/v2.3.0-release-notes.md +20 -20
package/releases/v2.3.1-release-notes.md +34 -0
package/releases/v3.0.0-release-notes.md +81 -0
package/src/__tests__/mocks/adapter.ts +3 -0
package/src/__tests__/perf.test.ts +6 -6
package/src/adapters/DatabaseAdapter.ts +58 -9
package/src/adapters/__tests__/DatabaseAdapter.test.ts +89 -8
package/src/adapters/mysql/MySQLAdapter.ts +17 -2
package/src/adapters/mysql/SchemaManager.ts +21 -21
package/src/adapters/mysql/__tests__/MySQLAdapter.test.ts +1 -1
package/src/adapters/mysql/prompts/index.ts +12 -22
package/src/adapters/mysql/prompts/proxysqlSetup.ts +1 -1
package/src/adapters/mysql/resources/docstore.ts +13 -10
package/src/adapters/mysql/resources/events.ts +12 -12
package/src/adapters/mysql/resources/indexes.ts +17 -19
package/src/adapters/mysql/resources/innodb.ts +23 -22
package/src/adapters/mysql/resources/locks.ts +9 -7
package/src/adapters/mysql/resources/performance.ts +23 -18
package/src/adapters/mysql/resources/spatial.ts +9 -7
package/src/adapters/mysql/resources/sysschema.ts +12 -11
package/src/adapters/mysql/tools/__tests__/core.test.ts +126 -55
package/src/adapters/mysql/tools/__tests__/docstore.test.ts +459 -88
package/src/adapters/mysql/tools/__tests__/events.test.ts +281 -103
package/src/adapters/mysql/tools/__tests__/proxysql.test.ts +128 -28
package/src/adapters/mysql/tools/__tests__/replication.test.ts +48 -2
package/src/adapters/mysql/tools/__tests__/roles.test.ts +15 -18
package/src/adapters/mysql/tools/__tests__/router.test.ts +32 -5
package/src/adapters/mysql/tools/__tests__/security.test.ts +126 -2
package/src/adapters/mysql/tools/__tests__/security_injection.test.ts +84 -76
package/src/adapters/mysql/tools/__tests__/security_integration.test.ts +47 -50
package/src/adapters/mysql/tools/__tests__/spatial.test.ts +11 -10
package/src/adapters/mysql/tools/__tests__/spatial_handler.test.ts +54 -38
package/src/adapters/mysql/tools/__tests__/stats.test.ts +285 -152
package/src/adapters/mysql/tools/__tests__/transactions.test.ts +13 -13
package/src/adapters/mysql/tools/admin/__tests__/backup.test.ts +171 -25
package/src/adapters/mysql/tools/admin/__tests__/maintenance.test.ts +240 -4
package/src/adapters/mysql/tools/admin/__tests__/monitoring-summary.test.ts +274 -0
package/src/adapters/mysql/tools/admin/__tests__/monitoring.test.ts +94 -5
package/src/adapters/mysql/tools/admin/backup.ts +193 -143
package/src/adapters/mysql/tools/admin/maintenance.ts +118 -69
package/src/adapters/mysql/tools/admin/monitoring.ts +201 -125
package/src/adapters/mysql/tools/cluster/__tests__/group-replication.test.ts +69 -0
package/src/adapters/mysql/tools/cluster/__tests__/innodb-cluster.test.ts +141 -0
package/src/adapters/mysql/tools/cluster/group-replication.ts +172 -132
package/src/adapters/mysql/tools/cluster/innodb-cluster.ts +231 -157
package/src/adapters/mysql/tools/codemode/__tests__/codemode-tool.test.ts +227 -0
package/src/adapters/mysql/tools/codemode/index.ts +5 -3
package/src/adapters/mysql/tools/core.ts +152 -38
package/src/adapters/mysql/tools/docstore.ts +422 -205
package/src/adapters/mysql/tools/events.ts +334 -233
package/src/adapters/mysql/tools/json/__tests__/core.test.ts +20 -0
package/src/adapters/mysql/tools/json/__tests__/enhanced.test.ts +82 -50
package/src/adapters/mysql/tools/json/__tests__/helpers.test.ts +42 -3
package/src/adapters/mysql/tools/json/core.ts +21 -42
package/src/adapters/mysql/tools/json/enhanced.ts +22 -37
package/src/adapters/mysql/tools/json/helpers.ts +21 -25
package/src/adapters/mysql/tools/partitioning.ts +3 -0
package/src/adapters/mysql/tools/performance/__tests__/analysis.test.ts +98 -5
package/src/adapters/mysql/tools/performance/__tests__/optimization-coverage.test.ts +515 -0
package/src/adapters/mysql/tools/performance/__tests__/optimization.test.ts +187 -0
package/src/adapters/mysql/tools/performance/analysis.ts +95 -69
package/src/adapters/mysql/tools/performance/optimization.ts +182 -153
package/src/adapters/mysql/tools/proxysql.ts +314 -209
package/src/adapters/mysql/tools/replication.ts +84 -57
package/src/adapters/mysql/tools/roles.ts +274 -226
package/src/adapters/mysql/tools/router.ts +181 -85
package/src/adapters/mysql/tools/schema/__tests__/constraints.test.ts +13 -0
package/src/adapters/mysql/tools/schema/__tests__/management.test.ts +60 -25
package/src/adapters/mysql/tools/schema/__tests__/scheduled_events.test.ts +11 -0
package/src/adapters/mysql/tools/schema/__tests__/triggers.test.ts +25 -4
package/src/adapters/mysql/tools/schema/__tests__/views.test.ts +46 -14
package/src/adapters/mysql/tools/schema/constraints.ts +22 -3
package/src/adapters/mysql/tools/schema/management.ts +60 -15
package/src/adapters/mysql/tools/schema/routines.ts +26 -4
package/src/adapters/mysql/tools/schema/scheduled_events.ts +25 -3
package/src/adapters/mysql/tools/schema/triggers.ts +27 -2
package/src/adapters/mysql/tools/schema/views.ts +46 -8
package/src/adapters/mysql/tools/security/__tests__/audit.test.ts +90 -4
package/src/adapters/mysql/tools/security/audit.ts +113 -39
package/src/adapters/mysql/tools/security/data-protection.ts +293 -233
package/src/adapters/mysql/tools/security/encryption.ts +172 -139
package/src/adapters/mysql/tools/shell/__tests__/backup.test.ts +29 -0
package/src/adapters/mysql/tools/shell/backup.ts +90 -73
package/src/adapters/mysql/tools/shell/restore.ts +62 -48
package/src/adapters/mysql/tools/spatial/__tests__/operations.test.ts +22 -14
package/src/adapters/mysql/tools/spatial/__tests__/queries.test.ts +65 -51
package/src/adapters/mysql/tools/spatial/geometry.ts +23 -7
package/src/adapters/mysql/tools/spatial/operations.ts +60 -31
package/src/adapters/mysql/tools/spatial/queries.ts +142 -65
package/src/adapters/mysql/tools/spatial/setup.ts +121 -55
package/src/adapters/mysql/tools/stats/__tests__/comparative.test.ts +12 -10
package/src/adapters/mysql/tools/stats/comparative.ts +150 -98
package/src/adapters/mysql/tools/stats/descriptive.ts +204 -127
package/src/adapters/mysql/tools/sysschema/__tests__/error-paths.test.ts +222 -0
package/src/adapters/mysql/tools/sysschema/__tests__/performance.test.ts +45 -0
package/src/adapters/mysql/tools/sysschema/__tests__/resources.test.ts +6 -3
package/src/adapters/mysql/tools/sysschema/activity.ts +52 -27
package/src/adapters/mysql/tools/sysschema/performance.ts +132 -68
package/src/adapters/mysql/tools/sysschema/resources.ts +105 -67
package/src/adapters/mysql/tools/text/__tests__/fulltext.test.ts +45 -17
package/src/adapters/mysql/tools/text/fulltext.ts +27 -38
package/src/adapters/mysql/tools/transactions.ts +49 -24
package/src/adapters/mysql/types/proxysql-types.ts +38 -1
package/src/adapters/mysql/types/router-types.ts +1 -1
package/src/adapters/mysql/types/shell-types.ts +2 -2
package/src/adapters/mysql/types.ts +632 -19
package/src/auth/__tests__/scopes.test.ts +2 -2
package/src/auth/scopes.ts +1 -1
package/src/codemode/__tests__/api.test.ts +417 -0
package/src/codemode/__tests__/sandbox-factory.test.ts +158 -0
package/src/codemode/__tests__/sandbox.test.ts +301 -0
package/src/codemode/__tests__/security.test.ts +368 -0
package/src/codemode/__tests__/worker-sandbox.test.ts +179 -0
package/src/codemode/__tests__/worker-script.test.ts +226 -0
package/src/codemode/api.ts +89 -5
package/src/codemode/sandbox-factory.ts +1 -1
package/src/codemode/types.ts +34 -0
package/src/codemode/worker-sandbox.ts +74 -7
package/src/codemode/worker-script.ts +157 -86
package/src/constants/ServerInstructions.ts +37 -31
package/src/filtering/ToolConstants.ts +1 -2
package/src/filtering/__tests__/ToolFilter.test.ts +9 -9
package/src/pool/ConnectionPool.ts +4 -1
package/src/transports/__tests__/http.test.ts +15 -3
package/src/transports/http.ts +12 -0
package/src/utils/validators.ts +2 -1
package/vitest.config.ts +3 -1
package/CODE_MODE.md +0 -245

package/src/codemode/__tests__/worker-sandbox.test.ts ADDED Viewed

@@ -0,0 +1,179 @@
+/**
+ * mysql-mcp - Worker Sandbox Unit Tests
+ *
+ * Tests for WorkerSandbox and WorkerSandboxPool.
+ * Mocks worker_threads to test sandbox lifecycle and pool management.
+ */
+import { describe, it, expect, vi, beforeEach, afterEach } from "vitest";
+import { WorkerSandbox, WorkerSandboxPool } from "../worker-sandbox.js";
+// Suppress logger
+vi.mock("../../utils/logger.js", () => ({
+  logger: { info: vi.fn(), warning: vi.fn(), error: vi.fn() },
+}));
+describe("WorkerSandbox", () => {
+  let sandbox: WorkerSandbox;
+  beforeEach(() => {
+    sandbox = WorkerSandbox.create({
+      memoryLimitMb: 64,
+      timeoutMs: 5000,
+      cpuLimitMs: 5000,
+    });
+  });
+  afterEach(() => {
+    sandbox.dispose();
+  });
+  // ===========================================================================
+  // Creation
+  // ===========================================================================
+  describe("create", () => {
+    it("should create a worker sandbox with default options", () => {
+      const s = WorkerSandbox.create();
+      expect(s).toBeDefined();
+      expect(s.isHealthy()).toBe(true);
+      s.dispose();
+    });
+    it("should create a worker sandbox with custom options", () => {
+      expect(sandbox).toBeDefined();
+      expect(sandbox.isHealthy()).toBe(true);
+    });
+  });
+  // ===========================================================================
+  // serializeBindings
+  // ===========================================================================
+  describe("serializeBindings", () => {
+    it("should serialize group methods", () => {
+      const bindings = {
+        core: {
+          readQuery: vi.fn(),
+          writeQuery: vi.fn(),
+          help: vi.fn(),
+        },
+        json: {
+          extract: vi.fn(),
+        },
+      };
+      const serialized = sandbox.serializeBindings(bindings);
+      expect(serialized).toHaveProperty("core");
+      expect(serialized).toHaveProperty("json");
+      expect(serialized["core"]).toContain("readQuery");
+      expect(serialized["core"]).toContain("writeQuery");
+    });
+    it("should handle top-level function bindings", () => {
+      const bindings = {
+        readQuery: vi.fn(),
+        help: vi.fn(),
+        core: { readQuery: vi.fn() },
+      };
+      const serialized = sandbox.serializeBindings(bindings);
+      expect(serialized).toHaveProperty("_topLevel");
+      expect(serialized["_topLevel"]).toContain("readQuery");
+      expect(serialized["_topLevel"]).toContain("help");
+    });
+    it("should handle empty bindings", () => {
+      const serialized = sandbox.serializeBindings({});
+      expect(Object.keys(serialized)).toHaveLength(0);
+    });
+  });
+  // ===========================================================================
+  // calculateMetrics
+  // ===========================================================================
+  describe("calculateMetrics", () => {
+    it("should calculate correct metrics", () => {
+      const metrics = sandbox.calculateMetrics(0, 150, 1000, 3000);
+      expect(metrics.wallTimeMs).toBe(150);
+      expect(metrics.memoryUsedMb).toBeGreaterThanOrEqual(0);
+    });
+  });
+  // ===========================================================================
+  // Health and disposal
+  // ===========================================================================
+  describe("isHealthy / dispose", () => {
+    it("should be healthy after creation", () => {
+      expect(sandbox.isHealthy()).toBe(true);
+    });
+    it("should be unhealthy after dispose", () => {
+      sandbox.dispose();
+      expect(sandbox.isHealthy()).toBe(false);
+    });
+    it("should handle multiple dispose calls", () => {
+      sandbox.dispose();
+      sandbox.dispose();
+      expect(sandbox.isHealthy()).toBe(false);
+    });
+  });
+  // ===========================================================================
+  // execute
+  // ===========================================================================
+  describe("execute", () => {
+    it("should fail on disposed sandbox", async () => {
+      sandbox.dispose();
+      const result = await sandbox.execute("return 1", {});
+      expect(result.success).toBe(false);
+      expect(result.error).toContain("disposed");
+    });
+  });
+});
+// =============================================================================
+// WorkerSandboxPool
+// =============================================================================
+describe("WorkerSandboxPool", () => {
+  let pool: WorkerSandboxPool;
+  beforeEach(() => {
+    pool = new WorkerSandboxPool(
+      { minInstances: 0, maxInstances: 3, idleTimeoutMs: 1000 },
+      { memoryLimitMb: 64, timeoutMs: 5000, cpuLimitMs: 5000 },
+    );
+  });
+  afterEach(() => {
+    pool.dispose();
+  });
+  describe("initialize", () => {
+    it("should initialize without error", () => {
+      pool.initialize();
+      expect(pool.getStats().max).toBe(3);
+    });
+  });
+  describe("getStats", () => {
+    it("should return correct stats", () => {
+      pool.initialize();
+      const stats = pool.getStats();
+      expect(stats).toHaveProperty("available");
+      expect(stats).toHaveProperty("inUse");
+      expect(stats).toHaveProperty("max");
+      expect(stats.max).toBe(3);
+      expect(stats.inUse).toBe(0);
+    });
+  });
+  describe("dispose", () => {
+    it("should dispose without error", () => {
+      pool.initialize();
+      pool.dispose();
+      // After dispose, pool may still report stats but should not be usable
+      const stats = pool.getStats();
+      expect(stats).toBeDefined();
+    });
+  });
+});

package/src/codemode/__tests__/worker-script.test.ts ADDED Viewed

@@ -0,0 +1,226 @@
+/**
+ * mysql-mcp - Worker Script Unit Tests
+ *
+ * Tests for buildMysqlProxy and executeInWorker functions.
+ * Mocks parentPort, workerData, and MessagePort from worker_threads.
+ */
+import { describe, it, expect, vi, beforeEach } from "vitest";
+import { EventEmitter } from "events";
+// We test buildMysqlProxy by importing the module in a special way.
+// Since worker-script.ts auto-executes, we need to mock the worker_threads
+// module before importing.
+// Mock worker_threads module
+const mockParentPort = {
+  postMessage: vi.fn(),
+};
+const mockRpcPort = new EventEmitter() as EventEmitter & {
+  postMessage: ReturnType<typeof vi.fn>;
+  ref: ReturnType<typeof vi.fn>;
+  unref: ReturnType<typeof vi.fn>;
+  close: ReturnType<typeof vi.fn>;
+};
+mockRpcPort.postMessage = vi.fn();
+mockRpcPort.ref = vi.fn();
+mockRpcPort.unref = vi.fn();
+mockRpcPort.close = vi.fn();
+const mockWorkerData = {
+  code: 'return "hello"',
+  apiBindings: {
+    core: ["readQuery", "writeQuery", "help"],
+    json: ["extract", "set"],
+    _topLevel: ["readQuery", "help"],
+  },
+  timeout: 5000,
+  rpcPort: mockRpcPort,
+};
+vi.mock("node:worker_threads", () => ({
+  parentPort: mockParentPort,
+  workerData: mockWorkerData,
+}));
+describe("Worker Script", () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+    mockRpcPort.removeAllListeners();
+  });
+  describe("buildMysqlProxy", () => {
+    // Import the function by loading the module with mocks active
+    // Since the module auto-executes, we'll test the proxy construction
+    // pattern separately
+    it("should be tested through proxy construction patterns", async () => {
+      // The buildMysqlProxy function constructs a mysql-like object
+      // with group sub-objects where each method sends an RPC message.
+      // We test the patterns it creates.
+      const bindings = {
+        core: ["readQuery", "writeQuery", "help"],
+        json: ["extract"],
+        _topLevel: ["readQuery", "help"],
+      };
+      // Simulate what buildMysqlProxy does: creates group objects with methods
+      const mysql: Record<string, unknown> = {};
+      const groupNames: string[] = [];
+      for (const [key, methods] of Object.entries(bindings)) {
+        if (key === "_topLevel") continue;
+        groupNames.push(key);
+        const groupApi: Record<string, unknown> = {};
+        for (const method of methods) {
+          if (method === "help") continue;
+          groupApi[method] = vi.fn().mockResolvedValue({ rows: [] });
+        }
+        groupApi["help"] = () => ({
+          group: key,
+          methods: methods.filter((m) => m !== "help"),
+        });
+        mysql[key] = groupApi;
+      }
+      // Top-level
+      const topLevel = bindings["_topLevel"];
+      if (topLevel) {
+        for (const method of topLevel) {
+          if (method === "help") {
+            mysql["help"] = () => ({ groups: groupNames });
+          } else {
+            mysql[method] = vi.fn().mockResolvedValue({ rows: [] });
+          }
+        }
+      }
+      // Verify the structure
+      expect(mysql).toHaveProperty("core");
+      expect(mysql).toHaveProperty("json");
+      expect(mysql).toHaveProperty("readQuery");
+      expect(mysql).toHaveProperty("help");
+      // Test group help
+      const coreApi = mysql["core"] as Record<string, unknown>;
+      expect(coreApi).toHaveProperty("readQuery");
+      expect(coreApi).toHaveProperty("writeQuery");
+      expect(coreApi).toHaveProperty("help");
+      const helpResult = (coreApi["help"] as () => unknown)();
+      expect(helpResult).toEqual({
+        group: "core",
+        methods: ["readQuery", "writeQuery"],
+      });
+      // Test top-level help
+      const topHelp = (mysql["help"] as () => unknown)();
+      expect(topHelp).toEqual({ groups: ["core", "json"] });
+    });
+    it("should filter help from method lists", () => {
+      const methods = ["readQuery", "writeQuery", "help"];
+      const filtered = methods.filter((m) => m !== "help");
+      expect(filtered).toEqual(["readQuery", "writeQuery"]);
+      expect(filtered).not.toContain("help");
+    });
+  });
+  describe("RPC message handling", () => {
+    it("should resolve pending promises on RPC response", async () => {
+      const pending = new Map<
+        number,
+        { resolve: (v: unknown) => void; reject: (e: Error) => void }
+      >();
+      const promise = new Promise((resolve, reject) => {
+        pending.set(0, { resolve, reject });
+      });
+      // Simulate RPC response
+      const msg = { id: 0, result: { rows: [{ id: 1 }] } };
+      const p = pending.get(msg.id);
+      if (p) {
+        pending.delete(msg.id);
+        if (msg.error) {
+          p.reject(new Error(msg.error));
+        } else {
+          p.resolve(msg.result);
+        }
+      }
+      const result = await promise;
+      expect(result).toEqual({ rows: [{ id: 1 }] });
+    });
+    it("should reject pending promises on RPC error", async () => {
+      const pending = new Map<
+        number,
+        { resolve: (v: unknown) => void; reject: (e: Error) => void }
+      >();
+      const promise = new Promise((resolve, reject) => {
+        pending.set(1, { resolve, reject });
+      });
+      // Simulate RPC error response
+      const msg = { id: 1, error: "Query failed" } as {
+        id: number;
+        error?: string;
+        result?: unknown;
+      };
+      const p = pending.get(msg.id);
+      if (p) {
+        pending.delete(msg.id);
+        if (msg.error) {
+          p.reject(new Error(msg.error));
+        } else {
+          p.resolve(msg.result);
+        }
+      }
+      await expect(promise).rejects.toThrow("Query failed");
+    });
+    it("should ignore responses for unknown request IDs", () => {
+      const pending = new Map<
+        number,
+        { resolve: (v: unknown) => void; reject: (e: Error) => void }
+      >();
+      const msg = { id: 999, result: "unknown" };
+      const p = pending.get(msg.id);
+      expect(p).toBeUndefined();
+    });
+  });
+  describe("sandbox context construction", () => {
+    it("should block dangerous globals", () => {
+      const sandbox: Record<string, unknown> = {
+        setTimeout: undefined,
+        setInterval: undefined,
+        setImmediate: undefined,
+        process: undefined,
+        require: undefined,
+        __dirname: undefined,
+        __filename: undefined,
+        globalThis: undefined,
+        global: undefined,
+      };
+      // All dangerous globals should be undefined
+      expect(sandbox.setTimeout).toBeUndefined();
+      expect(sandbox.setInterval).toBeUndefined();
+      expect(sandbox.setImmediate).toBeUndefined();
+      expect(sandbox.process).toBeUndefined();
+      expect(sandbox.require).toBeUndefined();
+      expect(sandbox.__dirname).toBeUndefined();
+      expect(sandbox.__filename).toBeUndefined();
+      expect(sandbox.globalThis).toBeUndefined();
+      expect(sandbox.global).toBeUndefined();
+    });
+  });
+});

package/src/codemode/api.ts CHANGED Viewed

@@ -328,7 +328,7 @@ const GROUP_EXAMPLES: Record<string, string[]> = {
   ],
   schema: [
     "mysql.schema.listViews()",
-    "mysql.schema.createView({ name: 'active_users', sql: 'SELECT * FROM users WHERE active = 1' })",
+    "mysql.schema.createView({ name: 'active_users', definition: 'SELECT * FROM users WHERE active = 1' })",
     "mysql.schema.listFunctions()",
     "mysql.schema.listTriggers({ table: 'orders' })",
   ],
@@ -785,8 +785,11 @@ export class MysqlApi {
   readonly docstore: GroupApiRecord;
   private readonly toolsByGroup: Map<string, ToolDefinition[]>;
+  private readonly isReadonly: boolean;
+  constructor(adapter: MySQLAdapter, readonly?: boolean) {
+    this.isReadonly = readonly ?? false;
-  constructor(adapter: MySQLAdapter) {
     // Get all tool definitions and group them
     const allTools = adapter.getToolDefinitions();
     this.toolsByGroup = this.groupTools(allTools);
@@ -979,6 +982,42 @@ export class MysqlApi {
   createSandboxBindings(): Record<string, unknown> {
     const bindings: Record<string, unknown> = {};
+    // Groups that are entirely write-oriented (excluded when readonly)
+    const writeOnlyGroups = new Set([
+      "transactions",
+      "admin",
+      "backup",
+      "partitioning",
+      "roles",
+      "events",
+      "shell",
+    ]);
+    // Methods within mixed groups that perform writes (excluded when readonly)
+    const writeMethods: Record<string, Set<string>> = {
+      core: new Set(["writeQuery", "dropTable", "createTable", "createIndex"]),
+      docstore: new Set([
+        "docAdd",
+        "docModify",
+        "docRemove",
+        "docCreateCollection",
+        "docDropCollection",
+        "docCreateIndex",
+      ]),
+      schema: new Set(["createSchema", "dropSchema", "createView"]),
+      json: new Set([
+        "set",
+        "insert",
+        "remove",
+        "replace",
+        "update",
+        "merge",
+        "arrayAppend",
+      ]),
+      fulltext: new Set(["fulltextCreate", "fulltextDrop"]),
+      spatial: new Set(["createColumn", "createIndex"]),
+    };
     const groupNames = [
       "core",
       "transactions",
@@ -1007,7 +1046,30 @@ export class MysqlApi {
     ] as const;
     for (const groupName of groupNames) {
+      // Skip entire write-only groups when readonly
+      if (this.isReadonly && writeOnlyGroups.has(groupName)) {
+        const blockedStub = (): { success: false; error: string } => ({
+          success: false,
+          error: `Readonly mode: the '${groupName}' group is not available in readonly mode`,
+        });
+        const groupApi = this[groupName];
+        const stubbed: Record<string, unknown> = {};
+        for (const method of Object.keys(groupApi)) {
+          stubbed[method] = blockedStub;
+        }
+        stubbed["help"] = () => ({
+          methods: Object.keys(groupApi),
+          readonly: true,
+          note: `All methods in '${groupName}' are blocked in readonly mode`,
+        });
+        bindings[groupName] = stubbed;
+        continue;
+      }
       const groupApi = this[groupName];
+      const groupWriteMethods = this.isReadonly
+        ? (writeMethods[groupName] ?? new Set<string>())
+        : new Set<string>();
       const allMethodNames = Object.keys(groupApi);
       // Separate canonical methods from aliases for structured help output
@@ -1025,9 +1087,28 @@ export class MysqlApi {
         return !lowerAlias.startsWith(lowerGroupName);
       });
+      // Build the group API, replacing write methods with stubs when readonly
+      const filteredApi: Record<string, unknown> = {};
+      for (const method of allMethodNames) {
+        // Check if this method (or its canonical target) is a write method
+        const canonicalTarget = aliases[method] ?? method;
+        const isWrite =
+          groupWriteMethods.has(method) ||
+          groupWriteMethods.has(canonicalTarget);
+        if (isWrite) {
+          filteredApi[method] = (): { success: false; error: string } => ({
+            success: false,
+            error: `Readonly mode: '${groupName}.${method}()' is a write operation and cannot be used when readonly is true`,
+          });
+        } else {
+          filteredApi[method] = groupApi[method];
+        }
+      }
       // Add all methods plus a 'help' property that lists them
       bindings[groupName] = {
-        ...groupApi,
+        ...filteredApi,
         help: () => ({
           methods: canonicalMethodNames,
           methodAliases: usefulAliases,
@@ -1219,6 +1300,9 @@ export class MysqlApi {
 /**
  * Create a MysqlApi instance for an adapter
  */
-export function createMysqlApi(adapter: MySQLAdapter): MysqlApi {
-  return new MysqlApi(adapter);
+export function createMysqlApi(
+  adapter: MySQLAdapter,
+  readonly?: boolean,
+): MysqlApi {
+  return new MysqlApi(adapter, readonly);
 }

package/src/codemode/sandbox-factory.ts CHANGED Viewed

@@ -52,7 +52,7 @@ export interface SandboxModeInfo {
 }
 // Default mode (module-level state)
-let defaultMode: SandboxMode = "vm";
+let defaultMode: SandboxMode = "worker";
 /**
  * Set the default sandbox mode

package/src/codemode/types.ts CHANGED Viewed

@@ -119,6 +119,8 @@ export const DEFAULT_SECURITY_CONFIG: SecurityConfig = {
     /\bFunction\s*\(/, // No Function constructor
     /\b__proto__\b/, // No prototype pollution
     /\bconstructor\.constructor/, // No constructor chaining
+    /\[['"]constructor['"]\]/i, // No bracket-notation constructor access
+    /\bReflect\s*\.\s*construct/i, // No Reflect.construct bypass
     /\bchild_process/, // No child processes
     /\bfs\./, // No filesystem
     /\bnet\./, // No networking
@@ -192,3 +194,35 @@ export interface ExecuteCodeResult {
   /** Execution metrics */
   metrics: ExecutionMetrics;
 }
+// =============================================================================
+// Worker RPC Types
+// =============================================================================
+/**
+ * RPC request from worker thread to main thread.
+ * Sent over the MessagePort to invoke API methods on the main thread.
+ */
+export interface RpcRequest {
+  /** Unique request ID for correlating responses */
+  id: number;
+  /** API group name (e.g., "core", "json") */
+  group: string;
+  /** Method name within the group (e.g., "readQuery") */
+  method: string;
+  /** Arguments to pass to the method */
+  args: unknown[];
+}
+/**
+ * RPC response from main thread to worker thread.
+ * Sent back over the MessagePort with the result or error.
+ */
+export interface RpcResponse {
+  /** Matching request ID */
+  id: number;
+  /** Return value from the method (if successful) */
+  result?: unknown;
+  /** Error message (if failed) */
+  error?: string;
+}