@octopusdeploy/mcp-server 1.1.0 → 2.1.1

package/dist/helpers/requireConfirmation.js

@@ -0,0 +1,148 @@
+import {} from "@modelcontextprotocol/sdk/server/mcp.js";
+import { env } from "process";
+function renderChange(change) {
+    // Preserve source order first, then append target-only keys, so related
+    // fields stay together rather than getting alphabetised apart.
+    const seen = new Set();
+    const keys = [];
+    for (const k of Object.keys(change.source)) {
+        keys.push(k);
+        seen.add(k);
+    }
+    for (const k of Object.keys(change.target)) {
+        if (!seen.has(k))
+            keys.push(k);
+    }
+    const entries = [];
+    const buildEntry = (marker, key, value) => {
+        const valueLines = JSON.stringify(value, null, 2).split("\n");
+        const lines = [`  ${JSON.stringify(key)}: ${valueLines[0]}`];
+        for (let i = 1; i < valueLines.length; i++) {
+            lines.push(`  ${valueLines[i]}`);
+        }
+        return { marker, lines };
+    };
+    for (const key of keys) {
+        const inSource = key in change.source;
+        const inTarget = key in change.target;
+        const sourceJson = inSource
+            ? JSON.stringify(change.source[key], null, 2)
+            : undefined;
+        const targetJson = inTarget
+            ? JSON.stringify(change.target[key], null, 2)
+            : undefined;
+        if (sourceJson === targetJson)
+            continue;
+        if (inSource)
+            entries.push(buildEntry("-", key, change.source[key]));
+        if (inTarget)
+            entries.push(buildEntry("+", key, change.target[key]));
+    }
+    if (entries.length === 0)
+        return "{}";
+    const out = ["{"];
+    entries.forEach((entry, idx) => {
+        const isLastEntry = idx === entries.length - 1;
+        entry.lines.forEach((line, lineIdx) => {
+            const isLastLineOfEntry = lineIdx === entry.lines.length - 1;
+            const suffix = isLastLineOfEntry && !isLastEntry ? "," : "";
+            out.push(`${entry.marker}${line}${suffix}`);
+        });
+    });
+    out.push("}");
+    return out.join("\n");
+}
+function buildConfirmationMessage(message, change) {
+    return change ? `${message}\n\n${renderChange(change)}` : message;
+}
+/**
+ * Gate a write/destructive tool call on explicit user confirmation.
+ *
+ * Resolution order:
+ *   1. `OCTOPUS_SKIP_ELICITATION=true` env var → bypass (automation/CI).
+ *   2. Client advertises elicitation capability → SDK emits `elicitation/create`
+ *      and we map `result.action` to accepted/declined/cancelled.
+ *   3. Client does not advertise elicitation → fall back to the `confirm` arg
+ *      the tool surfaced in its own input schema. Distinguishes between
+ *      explicit `false` (declined) and missing (confirmationRequired) so the
+ *      caller can surface the latter as a hard error.
+ */
+export async function requireConfirmation(server, opts) {
+    if (env["OCTOPUS_SKIP_ELICITATION"] === "true") {
+        return { confirmed: true, reason: "envSkip" };
+    }
+    const capabilities = server.server.getClientCapabilities();
+    if (capabilities?.elicitation) {
+        const result = await server.server.elicitInput({
+            mode: "form",
+            message: buildConfirmationMessage(opts.message, opts.change),
+            // Empty properties → most clients render as a plain Accept/Decline prompt.
+            requestedSchema: { type: "object", properties: {} },
+        });
+        switch (result.action) {
+            case "accept":
+                return { confirmed: true, reason: "accepted" };
+            case "decline":
+                return { confirmed: false, reason: "declined" };
+            case "cancel":
+            default:
+                return { confirmed: false, reason: "cancelled" };
+        }
+    }
+    if (opts.fallbackConfirm === true) {
+        return { confirmed: true, reason: "fallbackConfirm" };
+    }
+    if (opts.fallbackConfirm === false) {
+        return { confirmed: false, reason: "declined" };
+    }
+    return { confirmed: false, reason: "confirmationRequired" };
+}
+/**
+ * Build the standard tool response for a non-confirmed gate result.
+ *
+ *   - `confirmationRequired` → `isError: true` with directive prose telling the
+ *     LLM to ask the user before retrying with `confirm: true`. This is the
+ *     "user was never asked" branch — distinct from a real cancellation, and
+ *     marked as an error so the LLM doesn't paper over it.
+ *   - `declined` / `cancelled` → soft cancellation shape with the original
+ *     reason preserved for telemetry.
+ *
+ * Centralized here so every gated tool produces identical responses; the only
+ * thing a caller varies is the `action` noun. Return type is inferred so it
+ * stays compatible with the SDK's tool-handler return shape (which carries an
+ * `[key: string]: unknown` index signature we don't want to redeclare).
+ */
+export function unconfirmedResponse(result, opts) {
+    if (result.reason === "confirmationRequired") {
+        return {
+            content: [
+                {
+                    type: "text",
+                    text: JSON.stringify({
+                        success: false,
+                        confirmationRequired: true,
+                        message: `This MCP client does not support elicitation, so the server cannot prompt the user to confirm this ${opts.action} directly. ` +
+                            `The user has NOT been asked. Stop and ask the user explicitly whether to proceed; if they approve, retry the call with confirm: true. ` +
+                            `Do not pass confirm: true without their explicit approval.`,
+                    }, null, 2),
+                },
+            ],
+            isError: true,
+        };
+    }
+    const capitalized = opts.action.charAt(0).toUpperCase() + opts.action.slice(1);
+    return {
+        content: [
+            {
+                type: "text",
+                text: JSON.stringify({
+                    success: false,
+                    cancelled: true,
+                    reason: result.reason,
+                    message: `${capitalized} cancelled by user.`,
+                }, null, 2),
+            },
+        ],
+    };
+}
+//# sourceMappingURL=requireConfirmation.js.map

package/dist/helpers/requireConfirmation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"requireConfirmation.js","sourceRoot":"","sources":["../../src/helpers/requireConfirmation.ts"],"names":[],"mappings":"AAAA,OAAO,EAAkB,MAAM,yCAAyC,CAAC;AACzE,OAAO,EAAE,GAAG,EAAE,MAAM,SAAS,CAAC;AAwC9B,SAAS,YAAY,CAAC,MAGrB;IACC,wEAAwE;IACxE,+DAA+D;IAC/D,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3C,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACb,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACd,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3C,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACjC,CAAC;IAOD,MAAM,OAAO,GAAY,EAAE,CAAC;IAC5B,MAAM,UAAU,GAAG,CAAC,MAAiB,EAAE,GAAW,EAAE,KAAc,EAAS,EAAE;QAC3E,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC9D,MAAM,KAAK,GAAa,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACvE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3C,KAAK,CAAC,IAAI,CAAC,KAAK,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACnC,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IAC3B,CAAC,CAAC;IAEF,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,QAAQ,GAAG,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC;QACtC,MAAM,QAAQ,GAAG,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC;QACtC,MAAM,UAAU,GAAG,QAAQ;YACzB,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAC;QACd,MAAM,UAAU,GAAG,QAAQ;YACzB,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAC;QACd,IAAI,UAAU,KAAK,UAAU;YAAE,SAAS;QACxC,IAAI,QAAQ;YAAE,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACrE,IAAI,QAAQ;YAAE,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACvE,CAAC;IAED,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAEtC,MAAM,GAAG,GAAa,CAAC,GAAG,CAAC,CAAC;IAC5B,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QAC7B,MAAM,WAAW,GAAG,GAAG,KAAK,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC;QAC/C,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE;YACpC,MAAM,iBAAiB,GAAG,OAAO,KAAK,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;YAC7D,MAAM,MAAM,GAAG,iBAAiB,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YAC5D,GAAG,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,IAAI,GAAG,MAAM,EAAE,CAAC,CAAC;QAC9C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IACH,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACd,OAAO,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACxB,CAAC;AAED,SAAS,wBAAwB,CAC/B,OAAe,EACf,MAA6C;IAE7C,OAAO,MAAM,CAAC,CAAC,CAAC,GAAG,OAAO,OAAO,YAAY,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC;AACpE,CAAC;AAgCD;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,MAAiB,EACjB,IAAgC;IAEhC,IAAI,GAAG,CAAC,0BAA0B,CAAC,KAAK,MAAM,EAAE,CAAC;QAC/C,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;IAChD,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,qBAAqB,EAAE,CAAC;IAC3D,IAAI,YAAY,EAAE,WAAW,EAAE,CAAC;QAC9B,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC;YAC7C,IAAI,EAAE,MAAM;YACZ,OAAO,EAAE,wBAAwB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC;YAC5D,2EAA2E;YAC3E,eAAe,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,EAAE,EAAE;SACpD,CAAC,CAAC;QACH,QAAQ,MAAM,CAAC,MAAM,EAAE,CAAC;YACtB,KAAK,QAAQ;gBACX,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;YACjD,KAAK,SAAS;gBACZ,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;YAClD,KAAK,QAAQ,CAAC;YACd;gBACE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;QACrD,CAAC;IACH,CAAC;IAED,IAAI,IAAI,CAAC,eAAe,KAAK,IAAI,EAAE,CAAC;QAClC,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,iBAAiB,EAAE,CAAC;IACxD,CAAC;IACD,IAAI,IAAI,CAAC,eAAe,KAAK,KAAK,EAAE,CAAC;QACnC,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;IAClD,CAAC;IACD,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,sBAAsB,EAAE,CAAC;AAC9D,CAAC;AAWD;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,mBAAmB,CACjC,MAAyD,EACzD,IAAgC;IAEhC,IAAI,MAAM,CAAC,MAAM,KAAK,sBAAsB,EAAE,CAAC;QAC7C,OAAO;YACL,OAAO,EAAE;gBACP;oBACE,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAClB;wBACE,OAAO,EAAE,KAAK;wBACd,oBAAoB,EAAE,IAAI;wBAC1B,OAAO,EACL,sGAAsG,IAAI,CAAC,MAAM,aAAa;4BAC9H,wIAAwI;4BACxI,4DAA4D;qBAC/D,EACD,IAAI,EACJ,CAAC,CACF;iBACF;aACF;YACD,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IAED,MAAM,WAAW,GACf,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC7D,OAAO;QACL,OAAO,EAAE;YACP;gBACE,IAAI,EAAE,MAAe;gBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAClB;oBACE,OAAO,EAAE,KAAK;oBACd,SAAS,EAAE,IAAI;oBACf,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,OAAO,EAAE,GAAG,WAAW,qBAAqB;iBAC7C,EACD,IAAI,EACJ,CAAC,CACF;aACF;SACF;KACF,CAAC;AACJ,CAAC"}

package/dist/helpers/sensitivePathDenylist.d.ts

@@ -0,0 +1,32 @@
+/**
+ * Hard denylist for `execute` paths that must never be reachable, regardless
+ * of toolsets or mode flags. These are entries the user cannot opt into via
+ * --allow-deletes, and remain blocked even when --read-only is not set.
+ *
+ * Two categories live here:
+ *   1. API-key management — creating or modifying API keys via the MCP server
+ *      is structurally out of scope (the agent uses a key already; minting more
+ *      from inside the agent is a privilege escalation pattern).
+ *   2. Catastrophic deletes — paths whose DELETE removes a top-level container
+ *      (a Space, a User) and is operationally irreversible. Allowing the agent
+ *      to issue these from a single tool call is too sharp an edge.
+ *
+ * Pattern syntax is the shared `compilePathGlob` engine: `*` matches one
+ * segment, `**` matches across segments, and every other character is literal.
+ */
+import { type HttpMethod } from "./methodTier.js";
+export interface DenyEntry {
+    /** Optional method filter; absent = all methods. */
+    method?: HttpMethod;
+    /** Glob pattern. `*` = one segment, `**` = any number of segments. */
+    pattern: string;
+    /** Short reason surfaced in the error response. */
+    reason: string;
+}
+export declare const SENSITIVE_PATHS: readonly DenyEntry[];
+export interface SensitiveCheckResult {
+    blocked: boolean;
+    reason?: string;
+}
+export declare function isSensitive(method: HttpMethod, path: string, entries?: readonly DenyEntry[]): SensitiveCheckResult;
+//# sourceMappingURL=sensitivePathDenylist.d.ts.map

package/dist/helpers/sensitivePathDenylist.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sensitivePathDenylist.d.ts","sourceRoot":"","sources":["../../src/helpers/sensitivePathDenylist.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,EAAE,KAAK,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAGlD,MAAM,WAAW,SAAS;IACxB,oDAAoD;IACpD,MAAM,CAAC,EAAE,UAAU,CAAC;IACpB,sEAAsE;IACtE,OAAO,EAAE,MAAM,CAAC;IAChB,mDAAmD;IACnD,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,eAAO,MAAM,eAAe,EAAE,SAAS,SAAS,EAuB/C,CAAC;AAEF,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,wBAAgB,WAAW,CACzB,MAAM,EAAE,UAAU,EAClB,IAAI,EAAE,MAAM,EACZ,OAAO,GAAE,SAAS,SAAS,EAAoB,GAC9C,oBAAoB,CAQtB"}

package/dist/helpers/sensitivePathDenylist.js

@@ -0,0 +1,49 @@
+/**
+ * Hard denylist for `execute` paths that must never be reachable, regardless
+ * of toolsets or mode flags. These are entries the user cannot opt into via
+ * --allow-deletes, and remain blocked even when --read-only is not set.
+ *
+ * Two categories live here:
+ *   1. API-key management — creating or modifying API keys via the MCP server
+ *      is structurally out of scope (the agent uses a key already; minting more
+ *      from inside the agent is a privilege escalation pattern).
+ *   2. Catastrophic deletes — paths whose DELETE removes a top-level container
+ *      (a Space, a User) and is operationally irreversible. Allowing the agent
+ *      to issue these from a single tool call is too sharp an edge.
+ *
+ * Pattern syntax is the shared `compilePathGlob` engine: `*` matches one
+ * segment, `**` matches across segments, and every other character is literal.
+ */
+import {} from "./methodTier.js";
+import { pathMatchesGlob } from "./pathGlob.js";
+export const SENSITIVE_PATHS = [
+    {
+        pattern: "/api/users/*/apikeys",
+        reason: "API key management is out of scope for the MCP server. Use the Octopus web portal.",
+    },
+    {
+        pattern: "/api/users/*/apikeys/**",
+        reason: "API key management is out of scope for the MCP server. Use the Octopus web portal.",
+    },
+    {
+        method: "DELETE",
+        pattern: "/api/users/*",
+        reason: "Deleting a user is irreversible and out of scope for the MCP server.",
+    },
+    {
+        method: "DELETE",
+        pattern: "/api/spaces/*",
+        reason: "Deleting a Space is catastrophic and out of scope for the MCP server.",
+    },
+];
+export function isSensitive(method, path, entries = SENSITIVE_PATHS) {
+    for (const entry of entries) {
+        if (entry.method && entry.method !== method)
+            continue;
+        if (pathMatchesGlob(path, entry.pattern)) {
+            return { blocked: true, reason: entry.reason };
+        }
+    }
+    return { blocked: false };
+}
+//# sourceMappingURL=sensitivePathDenylist.js.map

package/dist/helpers/sensitivePathDenylist.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sensitivePathDenylist.js","sourceRoot":"","sources":["../../src/helpers/sensitivePathDenylist.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,EAAmB,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAWhD,MAAM,CAAC,MAAM,eAAe,GAAyB;IACnD;QACE,OAAO,EAAE,sBAAsB;QAC/B,MAAM,EACJ,oFAAoF;KACvF;IACD;QACE,OAAO,EAAE,yBAAyB;QAClC,MAAM,EACJ,oFAAoF;KACvF;IACD;QACE,MAAM,EAAE,QAAQ;QAChB,OAAO,EAAE,cAAc;QACvB,MAAM,EACJ,sEAAsE;KACzE;IACD;QACE,MAAM,EAAE,QAAQ;QAChB,OAAO,EAAE,eAAe;QACxB,MAAM,EACJ,uEAAuE;KAC1E;CACF,CAAC;AAOF,MAAM,UAAU,WAAW,CACzB,MAAkB,EAClB,IAAY,EACZ,UAAgC,eAAe;IAE/C,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,IAAI,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,MAAM,KAAK,MAAM;YAAE,SAAS;QACtD,IAAI,eAAe,CAAC,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;YACzC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC;QACjD,CAAC;IACH,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AAC5B,CAAC"}

package/dist/helpers/stripLinks.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Strip the HATEOAS `Links` bag from an Octopus API response object.
+ *
+ * Octopus REST responses include a `Links` map of hypermedia URLs (self, related
+ * collections, etc.) that an LLM consumer doesn't need and that bloats the payload.
+ * Every resource handler that returns an api-client object as JSON should pass it
+ * through this helper first.
+ *
+ * The api-client typings often don't include `Links` on their response interfaces
+ * (the runtime payload has it; the typings don't always declare it), which is why
+ * the input is widened to `Record<string, unknown>` rather than typed against a
+ * specific resource interface.
+ */
+export declare function stripLinks(resource: object): Record<string, unknown>;
+//# sourceMappingURL=stripLinks.d.ts.map

package/dist/helpers/stripLinks.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"stripLinks.d.ts","sourceRoot":"","sources":["../../src/helpers/stripLinks.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AACH,wBAAgB,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAIpE"}

package/dist/helpers/stripLinks.js

@@ -0,0 +1,19 @@
+/**
+ * Strip the HATEOAS `Links` bag from an Octopus API response object.
+ *
+ * Octopus REST responses include a `Links` map of hypermedia URLs (self, related
+ * collections, etc.) that an LLM consumer doesn't need and that bloats the payload.
+ * Every resource handler that returns an api-client object as JSON should pass it
+ * through this helper first.
+ *
+ * The api-client typings often don't include `Links` on their response interfaces
+ * (the runtime payload has it; the typings don't always declare it), which is why
+ * the input is widened to `Record<string, unknown>` rather than typed against a
+ * specific resource interface.
+ */
+export function stripLinks(resource) {
+    const copy = { ...resource };
+    delete copy.Links;
+    return copy;
+}
+//# sourceMappingURL=stripLinks.js.map

package/dist/helpers/stripLinks.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"stripLinks.js","sourceRoot":"","sources":["../../src/helpers/stripLinks.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,UAAU,CAAC,QAAgB;IACzC,MAAM,IAAI,GAA4B,EAAE,GAAG,QAAQ,EAA6B,CAAC;IACjF,OAAO,IAAI,CAAC,KAAK,CAAC;IAClB,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/helpers/userCache.d.ts

@@ -0,0 +1,14 @@
+import { type Client } from "@octopusdeploy/api-client";
+export interface CurrentUser {
+    Id: string;
+    Username: string;
+    DisplayName: string;
+    IsActive: boolean;
+    IsService: boolean;
+    EmailAddress: string;
+    CanPasswordBeEdited: boolean;
+    IsRequestor: boolean;
+}
+export declare function getCurrentUserCached(client: Client): Promise<CurrentUser>;
+export declare function clearUserCache(): void;
+//# sourceMappingURL=userCache.d.ts.map

package/dist/helpers/userCache.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"userCache.d.ts","sourceRoot":"","sources":["../../src/helpers/userCache.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,MAAM,EAAE,MAAM,2BAA2B,CAAC;AAExD,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,OAAO,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,mBAAmB,EAAE,OAAO,CAAC;IAC7B,WAAW,EAAE,OAAO,CAAC;CACtB;AAMD,wBAAsB,oBAAoB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAS/E;AAED,wBAAgB,cAAc,IAAI,IAAI,CAErC"}

package/dist/helpers/userCache.js

@@ -0,0 +1,16 @@
+import {} from "@octopusdeploy/api-client";
+const CACHE_TTL = 3600000;
+let cached;
+export async function getCurrentUserCached(client) {
+    const now = Date.now();
+    if (cached && now - cached.timestamp < CACHE_TTL) {
+        return cached.user;
+    }
+    const user = await client.get("~/api/users/me");
+    cached = { user, timestamp: now };
+    return user;
+}
+export function clearUserCache() {
+    cached = undefined;
+}
+//# sourceMappingURL=userCache.js.map

package/dist/helpers/userCache.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"userCache.js","sourceRoot":"","sources":["../../src/helpers/userCache.ts"],"names":[],"mappings":"AAAA,OAAO,EAAe,MAAM,2BAA2B,CAAC;AAaxD,MAAM,SAAS,GAAG,OAAO,CAAC;AAE1B,IAAI,MAA4D,CAAC;AAEjE,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,MAAc;IACvD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,IAAI,MAAM,IAAI,GAAG,GAAG,MAAM,CAAC,SAAS,GAAG,SAAS,EAAE,CAAC;QACjD,OAAO,MAAM,CAAC,IAAI,CAAC;IACrB,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,GAAG,CAAc,gBAAgB,CAAC,CAAC;IAC7D,MAAM,GAAG,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC;IAClC,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,cAAc;IAC5B,MAAM,GAAG,SAAS,CAAC;AACrB,CAAC"}

package/dist/helpers/validateExecutePath.d.ts

@@ -0,0 +1,29 @@
+/**
+ * Reject `execute` paths whose canonical form differs from what the allowlist
+ * and denylist would see, so a path like
+ *
+ *     /api/spaces/Spaces-1/../../users/me/apikeys
+ *
+ * cannot pass the `/api/spaces/**` allowlist while resolving to
+ * `/api/users/me/apikeys` on the server.
+ *
+ * The validator is deliberately conservative: anything that introduces
+ * ambiguity between the literal path string and what the HTTP client / Octopus
+ * routing will see — `..` segments, encoded slashes, backslashes, query
+ * strings, fragments, double slashes — is rejected outright. We do NOT try to
+ * normalise the path; rejecting unambiguously is safer than guessing the
+ * caller's intent.
+ *
+ * Query parameters belong in the `query` argument of the execute tool, not
+ * inside the `path` string — surfacing that as a reject prompts the agent to
+ * use the right field.
+ */
+export type PathValidation = {
+    ok: true;
+    path: string;
+} | {
+    ok: false;
+    reason: string;
+};
+export declare function validateExecutePath(raw: string): PathValidation;
+//# sourceMappingURL=validateExecutePath.d.ts.map

package/dist/helpers/validateExecutePath.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validateExecutePath.d.ts","sourceRoot":"","sources":["../../src/helpers/validateExecutePath.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,MAAM,MAAM,cAAc,GACtB;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,GAC1B;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC;AAElC,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,MAAM,GAAG,cAAc,CA2C/D"}

package/dist/helpers/validateExecutePath.js

@@ -0,0 +1,62 @@
+/**
+ * Reject `execute` paths whose canonical form differs from what the allowlist
+ * and denylist would see, so a path like
+ *
+ *     /api/spaces/Spaces-1/../../users/me/apikeys
+ *
+ * cannot pass the `/api/spaces/**` allowlist while resolving to
+ * `/api/users/me/apikeys` on the server.
+ *
+ * The validator is deliberately conservative: anything that introduces
+ * ambiguity between the literal path string and what the HTTP client / Octopus
+ * routing will see — `..` segments, encoded slashes, backslashes, query
+ * strings, fragments, double slashes — is rejected outright. We do NOT try to
+ * normalise the path; rejecting unambiguously is safer than guessing the
+ * caller's intent.
+ *
+ * Query parameters belong in the `query` argument of the execute tool, not
+ * inside the `path` string — surfacing that as a reject prompts the agent to
+ * use the right field.
+ */
+export function validateExecutePath(raw) {
+    if (typeof raw !== "string" || raw.length === 0) {
+        return { ok: false, reason: "Path must be a non-empty string." };
+    }
+    if (!raw.startsWith("/")) {
+        return { ok: false, reason: "Path must start with '/'." };
+    }
+    if (raw.includes("\\")) {
+        return { ok: false, reason: "Path must not contain backslashes." };
+    }
+    if (raw.includes("?")) {
+        return {
+            ok: false,
+            reason: "Path must not contain a query string. Pass query parameters via the `query` argument instead.",
+        };
+    }
+    if (raw.includes("#")) {
+        return { ok: false, reason: "Path must not contain a fragment ('#')." };
+    }
+    if (raw.includes("//")) {
+        return { ok: false, reason: "Path must not contain '//'." };
+    }
+    if (/%2f|%5c/i.test(raw)) {
+        return {
+            ok: false,
+            reason: "Path must not contain percent-encoded slashes ('%2F') or backslashes ('%5C').",
+        };
+    }
+    // Reject any `..` segment — exact, leading, trailing, or surrounded by
+    // slashes. We do not attempt to resolve them.
+    const segments = raw.split("/");
+    for (const segment of segments) {
+        if (segment === "..") {
+            return {
+                ok: false,
+                reason: "Path must not contain '..' segments. Provide the canonical path explicitly.",
+            };
+        }
+    }
+    return { ok: true, path: raw };
+}
+//# sourceMappingURL=validateExecutePath.js.map

package/dist/helpers/validateExecutePath.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"validateExecutePath.js","sourceRoot":"","sources":["../../src/helpers/validateExecutePath.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAMH,MAAM,UAAU,mBAAmB,CAAC,GAAW;IAC7C,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAChD,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,kCAAkC,EAAE,CAAC;IACnE,CAAC;IACD,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,2BAA2B,EAAE,CAAC;IAC5D,CAAC;IACD,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACvB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,oCAAoC,EAAE,CAAC;IACrE,CAAC;IACD,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EACJ,+FAA+F;SAClG,CAAC;IACJ,CAAC;IACD,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,yCAAyC,EAAE,CAAC;IAC1E,CAAC;IACD,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACvB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,6BAA6B,EAAE,CAAC;IAC9D,CAAC;IACD,IAAI,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EACJ,+EAA+E;SAClF,CAAC;IACJ,CAAC;IACD,uEAAuE;IACvE,8CAA8C;IAC9C,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAChC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;YACrB,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,MAAM,EACJ,6EAA6E;aAChF,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;AACjC,CAAC"}

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAmBA,eAAO,MAAM,cAAc,QAAsB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAoBA,eAAO,MAAM,cAAc,QAAsB,CAAC"}

package/dist/index.js

@@ -2,6 +2,7 @@
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
 import { registerTools } from "./tools/index.js";
+import { registerResources } from "./resources/index.js";
 import { Command } from "commander";
 import dotenv from "dotenv";
 import { createToolsetConfig } from "./utils/parseConfig.js";
@@ -24,22 +25,75 @@ program
     .description("Octopus Deploy MCP Server")
     .version(SEMVER_VERSION)
     .option("-s, --server-url <url>", "Octopus server URL")
-    .option("-k, --api-key <key>", "Octopus API key")
     .option("--toolsets <toolsets>", `Comma-separated list of toolsets to enable, or "all" (default: all). Available toolsets: ${DEFAULT_TOOLSETS.join(", ")}`)
-    .option("--no-read-only", "Disable read-only mode to enable write operations (default: read-only enabled)")
+    .option("--read-only", "Enable read-only mode: disable all write tools and block POST/PUT/PATCH/DELETE through the execute tool (default: write tools enabled)")
+    .option("--allow-deletes", "Permit DELETE-method requests through the execute tool. Ignored (with a startup warning) when --read-only is set. Default false.")
     .option("--log-level <level>", "Minimum log level (info, error)", "info")
     .option("--log-file <path>", "Log file path or filename. If not specified, logs are written to console only.")
     .option("-q, --quiet", "Disable file logging, only log errors to console", false)
     .option("--list-tools-by-version", "List all registered tools by their supported Octopus Server version and exit")
     .parse();
 const options = program.opts();
+// Resolve the Octopus server URL up front so the MCP `instructions` string
+// can advertise which instance the client is connected to. Mirrors the
+// precedence used by getClientConfigurationFromEnvironment (CLI flag wins
+// over OCTOPUS_SERVER_URL env var).
+if (options.serverUrl) {
+    process.env.CLI_SERVER_URL = options.serverUrl;
+}
+const configuredServerUrl = process.env.CLI_SERVER_URL ||
+    process.env.OCTOPUS_SERVER_URL ||
+    "(not configured — set OCTOPUS_SERVER_URL or pass --server-url)";
+const SERVER_INSTRUCTIONS = `
+The official Octopus Deploy MCP server, currently connected to: ${configuredServerUrl}
+
+Tools are grouped into toolsets (${DEFAULT_TOOLSETS.join(", ")}) and you can filter them via --toolsets. Writes are on by default; pass --read-only to gate them off.
+
+Resource URIs and how to dereference them:
+- Many tools return slim summaries plus an 'octopus://...' URI in fields like 'resourceUri' or 'taskResourceUri' instead of inlining heavy payloads (release notes, packaged versions, structured task activity trees, etc.). To fetch the full body, dereference the URI.
+- Resource-aware clients (Claude Code, MCP Inspector): call the standard 'resources/read' primitive with the URI.
+- Clients without native resources/read (Claude.ai web, several IDE integrations): call the 'read_resource' tool with { uri }. It returns the same body as resources/read. Always available, regardless of toolset filter.
+- The 'read_resource' tool is the universal bridge from any URI returned by any tool — if you see an 'octopus://' string in a response and don't know what to do with it, call read_resource with it.
+
+Currently exposed resource families:
+- releases: 'octopus://spaces/{spaceName}/releases/{releaseId}'
+- tasks: 'octopus://spaces/{spaceName}/tasks/{taskId}' (metadata) and '/details' (structured ActivityLogs tree)
+- interruptions: 'octopus://spaces/{spaceName}/interruptions/{interruptionId}' (full Form definition with control types, Markdown instructions, button options like Abort/Proceed, and any submitted Form.Values). The find_interruptions tool returns slim summaries that point at this URI; dereference it to drill into a specific interruption.
+- feature toggles: 'octopus://spaces/{spaceName}/projects/{projectId}/featuretoggles/{slug}' (full toggle body — per-environment configuration including tenant lists, segments, minimum versions). The find_feature_toggles slim summaries omit those fields and point at this URI.
+- rollout groups: 'octopus://spaces/{spaceName}/projects/{projectId}/rolloutgroups/{rolloutGroupId}' (read-only — this server doesn't expose rollout group writes; use the Octopus UI for those).
+- catalog: 'octopus://api/llms.txt' is the markdown catalog of every Octopus REST endpoint (~300+ KB). 'octopus://api/capabilities' is the runtime introspection blob (server version, enabled toolsets, available tools, feature flags).
+
+There is intentionally NO 'octopus://.../tasks/{id}/log' resource. Activity logs can be multi-megabyte; an addressable resource would tempt you to fetch the entire body when you almost always want only the matching lines. To search a task log, call the 'grep_task_log' tool — its parameters mirror GNU grep (pattern, caseInsensitive, invertMatch, fixedString, beforeContext, afterContext, maxCount) and it returns matching lines with totalMatches count and optional context windows. For step hierarchy / categories / timing, fetch the /details resource instead.
+
+The same pattern applies to the API catalog: do NOT read 'octopus://api/llms.txt' directly because the body is large. Use the 'grep_llms_txt' tool — same GNU-grep parameter shape — to find the endpoints, methods, and request/response shapes you need.
+
+The 'execute' tool reaches Octopus REST endpoints not covered by curated tools. **Method gating is hard-coded server-side**, three tiers:
+- GET                    → read tier:   always allowed (subject to toolset allowlist + sensitive denylist).
+- POST / PUT / PATCH     → write tier:  blocked when --read-only is set; requires user confirmation via elicitation otherwise.
+- DELETE                 → delete tier: requires --allow-deletes (and is blocked when --read-only is set) AND a stronger confirmation.
+
+The HTTP method enum IS the read/write/delete classifier — the runtime classifies based on the actual method, never on a flag the agent sets. Use grep_llms_txt to discover the right path + method before calling execute.
+
+More resource families will be added over time.
+`.trim();
 const server = new McpServer({
     name: "Octopus Deploy",
     description: "Official Octopus Deploy MCP server.",
     version: SEMVER_VERSION,
+}, {
+    instructions: SERVER_INSTRUCTIONS,
 });
-const toolsetConfig = createToolsetConfig(options.toolsets, options.readOnly);
+const toolsetConfig = createToolsetConfig(options.toolsets, options.readOnly, options.allowDeletes);
+// `--allow-deletes` only takes effect when writes are enabled. Surface this
+// on stderr at startup so an operator who set both --read-only and
+// --allow-deletes doesn't silently end up with DELETE requests blocked.
+if (toolsetConfig.allowDeletes && toolsetConfig.readOnlyMode) {
+    process.stderr.write("WARNING: --allow-deletes was provided, but --read-only is also set. " +
+        "DELETE requests through the execute tool remain blocked. Remove " +
+        "--read-only to enable DELETE.\n");
+}
 registerTools(server, toolsetConfig);
+registerResources(server, toolsetConfig);
 if (options.listToolsByVersion) {
     printToolVersionAnalysis();
     process.exit(0);
@@ -54,12 +108,7 @@ if (options.logFile) {
 }
 logger.setLogLevel(logger.parseLogLevel(options.logLevel));
 logger.setQuietMode(options.quiet);
-if (options.serverUrl) {
-    process.env.CLI_SERVER_URL = options.serverUrl;
-}
-if (options.apiKey) {
-    process.env.CLI_API_KEY = options.apiKey;
-}
+// CLI_SERVER_URL is set earlier so the MCP instructions string can reference it.
 // Set up initialization callback to capture client info
 server.server.oninitialized = () => {
     const clientInfo = server.server.getClientVersion();

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAC7D,OAAO,EACL,gBAAgB,EAChB,wBAAwB,GACzB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,qCAAqC,EAAE,MAAM,oDAAoD,CAAC;AAC3G,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,WAAW,MAAM,iBAAiB,CAAC,OAAO,IAAI,EAAE,MAAM,EAAE,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AACpC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAErC,MAAM,CAAC,MAAM,cAAc,GAAG,WAAW,CAAC,OAAO,CAAC;AAElD,+DAA+D;AAC/D,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AAEtC,MAAM,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAE/B,+BAA+B;AAC/B,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAC9B,OAAO;KACJ,IAAI,CAAC,oBAAoB,CAAC;KAC1B,WAAW,CAAC,2BAA2B,CAAC;KACxC,OAAO,CAAC,cAAc,CAAC;KACvB,MAAM,CAAC,wBAAwB,EAAE,oBAAoB,CAAC;KACtD,MAAM,CAAC,qBAAqB,EAAE,iBAAiB,CAAC;KAChD,MAAM,CACL,uBAAuB,EACvB,4FAA4F,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC1H;KACA,MAAM,CACL,gBAAgB,EAChB,gFAAgF,CACjF;KACA,MAAM,CAAC,qBAAqB,EAAE,iCAAiC,EAAE,MAAM,CAAC;KACxE,MAAM,CACL,mBAAmB,EACnB,gFAAgF,CACjF;KACA,MAAM,CACL,aAAa,EACb,kDAAkD,EAClD,KAAK,CACN;KACA,MAAM,CACL,yBAAyB,EACzB,8EAA8E,CAC/E;KACA,KAAK,EAAE,CAAC;AAEX,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;AAE/B,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;IAC3B,IAAI,EAAE,gBAAgB;IACtB,WAAW,EAAE,qCAAqC;IAClD,OAAO,EAAE,cAAc;CACxB,CAAC,CAAC;AAEH,MAAM,aAAa,GAAG,mBAAmB,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;AAC9E,aAAa,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;AAErC,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC;IAC/B,wBAAwB,EAAE,CAAC;IAC3B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;IACpB,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,GAAG,EAAE,CAAC;QACrC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;IAC1D,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IACzC,CAAC;AACH,CAAC;AAED,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;AAC3D,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;AAEnC,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;IACtB,OAAO,CAAC,GAAG,CAAC,cAAc,GAAG,OAAO,CAAC,SAAS,CAAC;AACjD,CAAC;AACD,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;IACnB,OAAO,CAAC,GAAG,CAAC,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC;AAC3C,CAAC;AAED,wDAAwD;AACxD,MAAM,CAAC,MAAM,CAAC,aAAa,GAAG,GAAG,EAAE;IACjC,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC;IACpD,IAAI,UAAU,EAAE,CAAC;QACf,aAAa,CAAC,UAAU,CAAC,IAAI,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC;QACnD,MAAM,CAAC,IAAI,CACT,uBAAuB,UAAU,CAAC,IAAI,KAAK,UAAU,CAAC,OAAO,EAAE,CAChE,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;IACjE,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,IAAI,CAAC,gDAAgD,cAAc,GAAG,CAAC,CAAC;AAE/E,eAAe;AACf,KAAK,UAAU,SAAS;IACtB,qBAAqB;IACrB,qCAAqC,EAAE,CAAC;IAExC,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;AAClC,CAAC;AAED,SAAS,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IAC1B,MAAM,CAAC,KAAK,CAAC,+BAA+B,KAAK,CAAC,OAAO,KAAK,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;IAC7E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AACzD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAC7D,OAAO,EACL,gBAAgB,EAChB,wBAAwB,GACzB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,qCAAqC,EAAE,MAAM,oDAAoD,CAAC;AAC3G,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,WAAW,MAAM,iBAAiB,CAAC,OAAO,IAAI,EAAE,MAAM,EAAE,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AACpC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAErC,MAAM,CAAC,MAAM,cAAc,GAAG,WAAW,CAAC,OAAO,CAAC;AAElD,+DAA+D;AAC/D,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AAEtC,MAAM,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AAE/B,+BAA+B;AAC/B,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAC9B,OAAO;KACJ,IAAI,CAAC,oBAAoB,CAAC;KAC1B,WAAW,CAAC,2BAA2B,CAAC;KACxC,OAAO,CAAC,cAAc,CAAC;KACvB,MAAM,CAAC,wBAAwB,EAAE,oBAAoB,CAAC;KACtD,MAAM,CACL,uBAAuB,EACvB,4FAA4F,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC1H;KACA,MAAM,CACL,aAAa,EACb,wIAAwI,CACzI;KACA,MAAM,CACL,iBAAiB,EACjB,kIAAkI,CACnI;KACA,MAAM,CAAC,qBAAqB,EAAE,iCAAiC,EAAE,MAAM,CAAC;KACxE,MAAM,CACL,mBAAmB,EACnB,gFAAgF,CACjF;KACA,MAAM,CACL,aAAa,EACb,kDAAkD,EAClD,KAAK,CACN;KACA,MAAM,CACL,yBAAyB,EACzB,8EAA8E,CAC/E;KACA,KAAK,EAAE,CAAC;AAEX,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;AAE/B,2EAA2E;AAC3E,uEAAuE;AACvE,0EAA0E;AAC1E,oCAAoC;AACpC,IAAI,OAAO,CAAC,SAAS,EAAE,CAAC;IACtB,OAAO,CAAC,GAAG,CAAC,cAAc,GAAG,OAAO,CAAC,SAAS,CAAC;AACjD,CAAC;AACD,MAAM,mBAAmB,GACvB,OAAO,CAAC,GAAG,CAAC,cAAc;IAC1B,OAAO,CAAC,GAAG,CAAC,kBAAkB;IAC9B,gEAAgE,CAAC;AAEnE,MAAM,mBAAmB,GAAG;kEACsC,mBAAmB;;mCAElD,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA4B7D,CAAC,IAAI,EAAE,CAAC;AAET,MAAM,MAAM,GAAG,IAAI,SAAS,CAC1B;IACE,IAAI,EAAE,gBAAgB;IACtB,WAAW,EAAE,qCAAqC;IAClD,OAAO,EAAE,cAAc;CACxB,EACD;IACE,YAAY,EAAE,mBAAmB;CAClC,CACF,CAAC;AAEF,MAAM,aAAa,GAAG,mBAAmB,CACvC,OAAO,CAAC,QAAQ,EAChB,OAAO,CAAC,QAAQ,EAChB,OAAO,CAAC,YAAY,CACrB,CAAC;AAEF,4EAA4E;AAC5E,mEAAmE;AACnE,wEAAwE;AACxE,IAAI,aAAa,CAAC,YAAY,IAAI,aAAa,CAAC,YAAY,EAAE,CAAC;IAC7D,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,sEAAsE;QACpE,kEAAkE;QAClE,iCAAiC,CACpC,CAAC;AACJ,CAAC;AAED,aAAa,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;AACrC,iBAAiB,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;AAEzC,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC;IAC/B,wBAAwB,EAAE,CAAC;IAC3B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;IACpB,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,GAAG,EAAE,CAAC;QACrC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;IAC1D,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IACzC,CAAC;AACH,CAAC;AAED,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;AAC3D,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;AAEnC,iFAAiF;AAEjF,wDAAwD;AACxD,MAAM,CAAC,MAAM,CAAC,aAAa,GAAG,GAAG,EAAE;IACjC,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC;IACpD,IAAI,UAAU,EAAE,CAAC;QACf,aAAa,CAAC,UAAU,CAAC,IAAI,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC;QACnD,MAAM,CAAC,IAAI,CACT,uBAAuB,UAAU,CAAC,IAAI,KAAK,UAAU,CAAC,OAAO,EAAE,CAChE,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;IACjE,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,IAAI,CAAC,gDAAgD,cAAc,GAAG,CAAC,CAAC;AAE/E,eAAe;AACf,KAAK,UAAU,SAAS;IACtB,qBAAqB;IACrB,qCAAqC,EAAE,CAAC;IAExC,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;AAClC,CAAC;AAED,SAAS,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IAC1B,MAAM,CAAC,KAAK,CAAC,+BAA+B,KAAK,CAAC,OAAO,KAAK,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;IAC7E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/resources/catalog/capabilities.d.ts

@@ -0,0 +1,36 @@
+import { type Toolset } from "../../types/toolConfig.js";
+import { type MethodTier } from "../../helpers/methodTier.js";
+interface CapabilityToolEntry {
+    name: string;
+    toolset: Toolset;
+    readOnly: boolean;
+    minimumOctopusVersion?: string;
+    /**
+     * True for tools whose actual read/write/delete behaviour depends on
+     * arguments rather than a static tool-level flag. Currently set only on
+     * `execute`, where the HTTP method is the runtime classifier.
+     */
+    methodGated?: boolean;
+    /**
+     * Effective method tiers reachable through this tool in the *current*
+     * session. For `execute` this reflects --read-only and --allow-deletes;
+     * for static tools it is undefined (the `readOnly` flag is sufficient).
+     */
+    tiersAvailable?: MethodTier[];
+}
+interface Capabilities {
+    server: {
+        version: string;
+        installationId: string;
+    };
+    session: {
+        enabledToolsets: Toolset[];
+        readOnlyMode: boolean;
+        allowDeletes: boolean;
+    };
+    tools: CapabilityToolEntry[];
+    featureFlags?: unknown;
+}
+export declare function buildCapabilities(): Promise<Capabilities>;
+export {};
+//# sourceMappingURL=capabilities.d.ts.map

package/dist/resources/catalog/capabilities.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"capabilities.d.ts","sourceRoot":"","sources":["../../../src/resources/catalog/capabilities.ts"],"names":[],"mappings":"AAGA,OAAO,EAGL,KAAK,OAAO,EACb,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,KAAK,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAG9D,UAAU,mBAAmB;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,OAAO,CAAC;IAClB,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B;;;;OAIG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB;;;;OAIG;IACH,cAAc,CAAC,EAAE,UAAU,EAAE,CAAC;CAC/B;AAED,UAAU,YAAY;IACpB,MAAM,EAAE;QACN,OAAO,EAAE,MAAM,CAAC;QAChB,cAAc,EAAE,MAAM,CAAC;KACxB,CAAC;IACF,OAAO,EAAE;QACP,eAAe,EAAE,OAAO,EAAE,CAAC;QAC3B,YAAY,EAAE,OAAO,CAAC;QACtB,YAAY,EAAE,OAAO,CAAC;KACvB,CAAC;IACF,KAAK,EAAE,mBAAmB,EAAE,CAAC;IAC7B,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAUD,wBAAsB,iBAAiB,IAAI,OAAO,CAAC,YAAY,CAAC,CA+D/D"}