npm - @pan-sec/notebooklm-mcp - Versions diffs - 2026.3.3 → 2026.4.0 - Mend

@pan-sec/notebooklm-mcp 2026.3.3 → 2026.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (466) hide show

package/dist/auth/auth-manager.d.ts +0 -1
package/dist/auth/auth-manager.js +0 -1
package/dist/auth/mcp-auth.d.ts +0 -1
package/dist/auth/mcp-auth.js +0 -1
package/dist/compliance/alert-manager.d.ts +6 -2
package/dist/compliance/alert-manager.js +40 -10
package/dist/compliance/breach-detection.d.ts +0 -1
package/dist/compliance/breach-detection.js +0 -1
package/dist/compliance/change-log.d.ts +13 -1
package/dist/compliance/change-log.js +82 -16
package/dist/compliance/compliance-logger.d.ts +29 -3
package/dist/compliance/compliance-logger.js +90 -27
package/dist/compliance/compliance-tools.d.ts +0 -1
package/dist/compliance/compliance-tools.js +0 -1
package/dist/compliance/consent-manager.d.ts +0 -1
package/dist/compliance/consent-manager.js +0 -1
package/dist/compliance/dashboard.d.ts +4 -3
package/dist/compliance/dashboard.js +11 -8
package/dist/compliance/data-classification.d.ts +0 -1
package/dist/compliance/data-classification.js +0 -1
package/dist/compliance/data-erasure.d.ts +0 -1
package/dist/compliance/data-erasure.js +0 -1
package/dist/compliance/data-export.d.ts +0 -1
package/dist/compliance/data-export.js +0 -1
package/dist/compliance/data-inventory.d.ts +0 -1
package/dist/compliance/data-inventory.js +0 -1
package/dist/compliance/dsar-handler.d.ts +0 -1
package/dist/compliance/dsar-handler.js +0 -1
package/dist/compliance/evidence-collector.d.ts +0 -1
package/dist/compliance/evidence-collector.js +4 -2
package/dist/compliance/health-monitor.d.ts +0 -1
package/dist/compliance/health-monitor.js +0 -1
package/dist/compliance/incident-manager.d.ts +0 -1
package/dist/compliance/incident-manager.js +0 -1
package/dist/compliance/index.d.ts +0 -1
package/dist/compliance/index.js +0 -1
package/dist/compliance/policy-docs.d.ts +0 -1
package/dist/compliance/policy-docs.js +0 -1
package/dist/compliance/privacy-notice-text.d.ts +0 -1
package/dist/compliance/privacy-notice-text.js +0 -1
package/dist/compliance/privacy-notice.d.ts +0 -1
package/dist/compliance/privacy-notice.js +0 -1
package/dist/compliance/report-generator.d.ts +7 -1
package/dist/compliance/report-generator.js +116 -34
package/dist/compliance/retention-engine.d.ts +0 -1
package/dist/compliance/retention-engine.js +0 -1
package/dist/compliance/siem-exporter.d.ts +26 -2
package/dist/compliance/siem-exporter.js +89 -24
package/dist/compliance/types.d.ts +0 -1
package/dist/compliance/types.js +0 -1
package/dist/config.d.ts +0 -1
package/dist/config.js +2 -3
package/dist/errors.d.ts +0 -1
package/dist/errors.js +0 -1
package/dist/events/event-emitter.d.ts +9 -1
package/dist/events/event-emitter.js +47 -8
package/dist/events/event-types.d.ts +0 -1
package/dist/events/event-types.js +8 -2
package/dist/gemini/gemini-client.d.ts +0 -1
package/dist/gemini/gemini-client.js +237 -45
package/dist/gemini/index.d.ts +0 -1
package/dist/gemini/index.js +0 -1
package/dist/gemini/pdf-chunker.d.ts +0 -1
package/dist/gemini/pdf-chunker.js +60 -35
package/dist/gemini/types.d.ts +0 -1
package/dist/gemini/types.js +0 -1
package/dist/index.d.ts +0 -1
package/dist/index.js +60 -7
package/dist/library/notebook-library.d.ts +30 -2
package/dist/library/notebook-library.js +345 -85
package/dist/library/types.d.ts +0 -1
package/dist/library/types.js +0 -1
package/dist/logging/index.d.ts +0 -1
package/dist/logging/index.js +0 -1
package/dist/logging/query-logger.d.ts +20 -1
package/dist/logging/query-logger.js +104 -21
package/dist/notebook-creation/audio-manager.d.ts +0 -1
package/dist/notebook-creation/audio-manager.js +111 -20
package/dist/notebook-creation/browser-options.d.ts +0 -1
package/dist/notebook-creation/browser-options.js +0 -1
package/dist/notebook-creation/data-table-manager.d.ts +7 -1
package/dist/notebook-creation/data-table-manager.js +59 -3
package/dist/notebook-creation/dom-scripts.d.ts +0 -1
package/dist/notebook-creation/dom-scripts.js +0 -1
package/dist/notebook-creation/errors.d.ts +0 -1
package/dist/notebook-creation/errors.js +0 -1
package/dist/notebook-creation/index.d.ts +0 -1
package/dist/notebook-creation/index.js +0 -1
package/dist/notebook-creation/notebook-creator.d.ts +9 -1
package/dist/notebook-creation/notebook-creator.js +50 -1
package/dist/notebook-creation/notebook-nav.d.ts +0 -1
package/dist/notebook-creation/notebook-nav.js +21 -6
package/dist/notebook-creation/notebook-sync.d.ts +14 -2
package/dist/notebook-creation/notebook-sync.js +124 -35
package/dist/notebook-creation/selectors.d.ts +0 -1
package/dist/notebook-creation/selectors.js +6 -4
package/dist/notebook-creation/source-manager.d.ts +29 -2
package/dist/notebook-creation/source-manager.js +0 -0
package/dist/notebook-creation/types.d.ts +0 -1
package/dist/notebook-creation/types.js +0 -1
package/dist/notebook-creation/video-manager.d.ts +0 -1
package/dist/notebook-creation/video-manager.js +91 -15
package/dist/observability/metrics.d.ts +0 -1
package/dist/observability/metrics.js +0 -1
package/dist/quota/index.d.ts +0 -1
package/dist/quota/index.js +0 -1
package/dist/quota/quota-manager.d.ts +59 -4
package/dist/quota/quota-manager.js +195 -46
package/dist/resources/resource-handlers.d.ts +0 -1
package/dist/resources/resource-handlers.js +33 -3
package/dist/session/browser-session.d.ts +0 -1
package/dist/session/browser-session.js +0 -1
package/dist/session/session-manager.d.ts +0 -1
package/dist/session/session-manager.js +0 -1
package/dist/session/session-timeout.d.ts +0 -1
package/dist/session/session-timeout.js +0 -1
package/dist/session/shared-context-manager.d.ts +0 -1
package/dist/session/shared-context-manager.js +0 -1
package/dist/tools/annotations.d.ts +0 -1
package/dist/tools/annotations.js +0 -1
package/dist/tools/definitions/ask-question.d.ts +6 -3
package/dist/tools/definitions/ask-question.js +12 -8
package/dist/tools/definitions/chat-history.d.ts +0 -1
package/dist/tools/definitions/chat-history.js +1 -1
package/dist/tools/definitions/data-tables.d.ts +0 -1
package/dist/tools/definitions/data-tables.js +4 -1
package/dist/tools/definitions/gemini.d.ts +0 -1
package/dist/tools/definitions/gemini.js +14 -7
package/dist/tools/definitions/notebook-management.d.ts +0 -1
package/dist/tools/definitions/notebook-management.js +7 -2
package/dist/tools/definitions/query-history.d.ts +0 -1
package/dist/tools/definitions/query-history.js +0 -1
package/dist/tools/definitions/session-management.d.ts +0 -1
package/dist/tools/definitions/session-management.js +0 -1
package/dist/tools/definitions/system.d.ts +0 -1
package/dist/tools/definitions/system.js +32 -12
package/dist/tools/definitions/video.d.ts +0 -1
package/dist/tools/definitions/video.js +6 -3
package/dist/tools/definitions.d.ts +0 -1
package/dist/tools/definitions.js +0 -1
package/dist/tools/handlers/ask-question.d.ts +0 -1
package/dist/tools/handlers/ask-question.js +47 -18
package/dist/tools/handlers/audio-video.d.ts +0 -1
package/dist/tools/handlers/audio-video.js +0 -1
package/dist/tools/handlers/auth.d.ts +0 -1
package/dist/tools/handlers/auth.js +0 -1
package/dist/tools/handlers/error-utils.d.ts +0 -1
package/dist/tools/handlers/error-utils.js +0 -1
package/dist/tools/handlers/gemini.d.ts +0 -1
package/dist/tools/handlers/gemini.js +0 -1
package/dist/tools/handlers/index.d.ts +0 -1
package/dist/tools/handlers/index.js +0 -1
package/dist/tools/handlers/notebook-creation.d.ts +0 -1
package/dist/tools/handlers/notebook-creation.js +16 -1
package/dist/tools/handlers/notebook-management.d.ts +0 -1
package/dist/tools/handlers/notebook-management.js +7 -2
package/dist/tools/handlers/session-management.d.ts +0 -1
package/dist/tools/handlers/session-management.js +0 -1
package/dist/tools/handlers/system.d.ts +0 -1
package/dist/tools/handlers/system.js +0 -1
package/dist/tools/handlers/types.d.ts +0 -1
package/dist/tools/handlers/types.js +0 -1
package/dist/tools/handlers/webhooks.d.ts +0 -1
package/dist/tools/handlers/webhooks.js +0 -1
package/dist/tools/icons.d.ts +0 -1
package/dist/tools/icons.js +0 -1
package/dist/tools/index.d.ts +0 -1
package/dist/tools/index.js +0 -1
package/dist/types.d.ts +0 -1
package/dist/types.js +0 -1
package/dist/utils/audit-logger.d.ts +11 -1
package/dist/utils/audit-logger.js +189 -21
package/dist/utils/cleanup-manager.d.ts +0 -1
package/dist/utils/cleanup-manager.js +0 -1
package/dist/utils/cli-handler.d.ts +0 -1
package/dist/utils/cli-handler.js +0 -1
package/dist/utils/crypto.d.ts +18 -9
package/dist/utils/crypto.js +93 -28
package/dist/utils/file-lock.d.ts +15 -1
package/dist/utils/file-lock.js +67 -59
package/dist/utils/file-permissions.d.ts +0 -1
package/dist/utils/file-permissions.js +35 -7
package/dist/utils/logger.d.ts +0 -1
package/dist/utils/logger.js +0 -1
package/dist/utils/page-utils.d.ts +0 -1
package/dist/utils/page-utils.js +32 -28
package/dist/utils/response-validator.d.ts +0 -1
package/dist/utils/response-validator.js +18 -15
package/dist/utils/secrets-scanner.d.ts +0 -1
package/dist/utils/secrets-scanner.js +32 -7
package/dist/utils/secure-memory.d.ts +34 -16
package/dist/utils/secure-memory.js +40 -25
package/dist/utils/security.d.ts +0 -1
package/dist/utils/security.js +66 -39
package/dist/utils/settings-manager.d.ts +9 -1
package/dist/utils/settings-manager.js +45 -2
package/dist/utils/stealth-utils.d.ts +0 -1
package/dist/utils/stealth-utils.js +11 -9
package/dist/webhooks/index.d.ts +0 -1
package/dist/webhooks/index.js +0 -1
package/dist/webhooks/types.d.ts +0 -1
package/dist/webhooks/types.js +0 -1
package/dist/webhooks/webhook-dispatcher.d.ts +0 -1
package/dist/webhooks/webhook-dispatcher.js +0 -1
package/package.json +5 -4
package/dist/auth/auth-manager.d.ts.map +0 -1
package/dist/auth/auth-manager.js.map +0 -1
package/dist/auth/mcp-auth.d.ts.map +0 -1
package/dist/auth/mcp-auth.js.map +0 -1
package/dist/compliance/alert-manager.d.ts.map +0 -1
package/dist/compliance/alert-manager.js.map +0 -1
package/dist/compliance/breach-detection.d.ts.map +0 -1
package/dist/compliance/breach-detection.js.map +0 -1
package/dist/compliance/change-log.d.ts.map +0 -1
package/dist/compliance/change-log.js.map +0 -1
package/dist/compliance/compliance-logger.d.ts.map +0 -1
package/dist/compliance/compliance-logger.js.map +0 -1
package/dist/compliance/compliance-tools.d.ts.map +0 -1
package/dist/compliance/compliance-tools.js.map +0 -1
package/dist/compliance/consent-manager.d.ts.map +0 -1
package/dist/compliance/consent-manager.js.map +0 -1
package/dist/compliance/dashboard.d.ts.map +0 -1
package/dist/compliance/dashboard.js.map +0 -1
package/dist/compliance/data-classification.d.ts.map +0 -1
package/dist/compliance/data-classification.js.map +0 -1
package/dist/compliance/data-erasure.d.ts.map +0 -1
package/dist/compliance/data-erasure.js.map +0 -1
package/dist/compliance/data-export.d.ts.map +0 -1
package/dist/compliance/data-export.js.map +0 -1
package/dist/compliance/data-inventory.d.ts.map +0 -1
package/dist/compliance/data-inventory.js.map +0 -1
package/dist/compliance/dsar-handler.d.ts.map +0 -1
package/dist/compliance/dsar-handler.js.map +0 -1
package/dist/compliance/evidence-collector.d.ts.map +0 -1
package/dist/compliance/evidence-collector.js.map +0 -1
package/dist/compliance/health-monitor.d.ts.map +0 -1
package/dist/compliance/health-monitor.js.map +0 -1
package/dist/compliance/incident-manager.d.ts.map +0 -1
package/dist/compliance/incident-manager.js.map +0 -1
package/dist/compliance/index.d.ts.map +0 -1
package/dist/compliance/index.js.map +0 -1
package/dist/compliance/policy-docs.d.ts.map +0 -1
package/dist/compliance/policy-docs.js.map +0 -1
package/dist/compliance/privacy-notice-text.d.ts.map +0 -1
package/dist/compliance/privacy-notice-text.js.map +0 -1
package/dist/compliance/privacy-notice.d.ts.map +0 -1
package/dist/compliance/privacy-notice.js.map +0 -1
package/dist/compliance/report-generator.d.ts.map +0 -1
package/dist/compliance/report-generator.js.map +0 -1
package/dist/compliance/retention-engine.d.ts.map +0 -1
package/dist/compliance/retention-engine.js.map +0 -1
package/dist/compliance/siem-exporter.d.ts.map +0 -1
package/dist/compliance/siem-exporter.js.map +0 -1
package/dist/compliance/types.d.ts.map +0 -1
package/dist/compliance/types.js.map +0 -1
package/dist/config.d.ts.map +0 -1
package/dist/config.js.map +0 -1
package/dist/errors.d.ts.map +0 -1
package/dist/errors.js.map +0 -1
package/dist/events/event-emitter.d.ts.map +0 -1
package/dist/events/event-emitter.js.map +0 -1
package/dist/events/event-types.d.ts.map +0 -1
package/dist/events/event-types.js.map +0 -1
package/dist/gemini/gemini-client.d.ts.map +0 -1
package/dist/gemini/gemini-client.js.map +0 -1
package/dist/gemini/index.d.ts.map +0 -1
package/dist/gemini/index.js.map +0 -1
package/dist/gemini/pdf-chunker.d.ts.map +0 -1
package/dist/gemini/pdf-chunker.js.map +0 -1
package/dist/gemini/types.d.ts.map +0 -1
package/dist/gemini/types.js.map +0 -1
package/dist/index.d.ts.map +0 -1
package/dist/index.js.map +0 -1
package/dist/library/notebook-library.d.ts.map +0 -1
package/dist/library/notebook-library.js.map +0 -1
package/dist/library/types.d.ts.map +0 -1
package/dist/library/types.js.map +0 -1
package/dist/logging/index.d.ts.map +0 -1
package/dist/logging/index.js.map +0 -1
package/dist/logging/query-logger.d.ts.map +0 -1
package/dist/logging/query-logger.js.map +0 -1
package/dist/notebook-creation/audio-manager.d.ts.map +0 -1
package/dist/notebook-creation/audio-manager.js.map +0 -1
package/dist/notebook-creation/browser-options.d.ts.map +0 -1
package/dist/notebook-creation/browser-options.js.map +0 -1
package/dist/notebook-creation/data-table-manager.d.ts.map +0 -1
package/dist/notebook-creation/data-table-manager.js.map +0 -1
package/dist/notebook-creation/discover-creation-flow.d.ts +0 -2
package/dist/notebook-creation/discover-creation-flow.d.ts.map +0 -1
package/dist/notebook-creation/discover-creation-flow.js +0 -177
package/dist/notebook-creation/discover-creation-flow.js.map +0 -1
package/dist/notebook-creation/discover-quota.d.ts +0 -2
package/dist/notebook-creation/discover-quota.d.ts.map +0 -1
package/dist/notebook-creation/discover-quota.js +0 -194
package/dist/notebook-creation/discover-quota.js.map +0 -1
package/dist/notebook-creation/discover-source-dialog.d.ts +0 -8
package/dist/notebook-creation/discover-source-dialog.d.ts.map +0 -1
package/dist/notebook-creation/discover-source-dialog.js +0 -134
package/dist/notebook-creation/discover-source-dialog.js.map +0 -1
package/dist/notebook-creation/discover-sources.d.ts +0 -8
package/dist/notebook-creation/discover-sources.d.ts.map +0 -1
package/dist/notebook-creation/discover-sources.js +0 -272
package/dist/notebook-creation/discover-sources.js.map +0 -1
package/dist/notebook-creation/discover-text-input.d.ts +0 -7
package/dist/notebook-creation/discover-text-input.d.ts.map +0 -1
package/dist/notebook-creation/discover-text-input.js +0 -135
package/dist/notebook-creation/discover-text-input.js.map +0 -1
package/dist/notebook-creation/dom-scripts.d.ts.map +0 -1
package/dist/notebook-creation/dom-scripts.js.map +0 -1
package/dist/notebook-creation/errors.d.ts.map +0 -1
package/dist/notebook-creation/errors.js.map +0 -1
package/dist/notebook-creation/index.d.ts.map +0 -1
package/dist/notebook-creation/index.js.map +0 -1
package/dist/notebook-creation/notebook-creator.d.ts.map +0 -1
package/dist/notebook-creation/notebook-creator.js.map +0 -1
package/dist/notebook-creation/notebook-nav.d.ts.map +0 -1
package/dist/notebook-creation/notebook-nav.js.map +0 -1
package/dist/notebook-creation/notebook-sync.d.ts.map +0 -1
package/dist/notebook-creation/notebook-sync.js.map +0 -1
package/dist/notebook-creation/run-discovery.d.ts +0 -11
package/dist/notebook-creation/run-discovery.d.ts.map +0 -1
package/dist/notebook-creation/run-discovery.js +0 -151
package/dist/notebook-creation/run-discovery.js.map +0 -1
package/dist/notebook-creation/selector-discovery.d.ts +0 -65
package/dist/notebook-creation/selector-discovery.d.ts.map +0 -1
package/dist/notebook-creation/selector-discovery.js +0 -414
package/dist/notebook-creation/selector-discovery.js.map +0 -1
package/dist/notebook-creation/selectors.d.ts.map +0 -1
package/dist/notebook-creation/selectors.js.map +0 -1
package/dist/notebook-creation/selectors.ts +0 -112
package/dist/notebook-creation/source-manager.d.ts.map +0 -1
package/dist/notebook-creation/source-manager.js.map +0 -1
package/dist/notebook-creation/test-create.d.ts +0 -8
package/dist/notebook-creation/test-create.d.ts.map +0 -1
package/dist/notebook-creation/test-create.js +0 -72
package/dist/notebook-creation/test-create.js.map +0 -1
package/dist/notebook-creation/types.d.ts.map +0 -1
package/dist/notebook-creation/types.js.map +0 -1
package/dist/notebook-creation/video-manager.d.ts.map +0 -1
package/dist/notebook-creation/video-manager.js.map +0 -1
package/dist/observability/metrics.d.ts.map +0 -1
package/dist/observability/metrics.js.map +0 -1
package/dist/quota/index.d.ts.map +0 -1
package/dist/quota/index.js.map +0 -1
package/dist/quota/quota-manager.d.ts.map +0 -1
package/dist/quota/quota-manager.js.map +0 -1
package/dist/resources/resource-handlers.d.ts.map +0 -1
package/dist/resources/resource-handlers.js.map +0 -1
package/dist/session/browser-session.d.ts.map +0 -1
package/dist/session/browser-session.js.map +0 -1
package/dist/session/session-manager.d.ts.map +0 -1
package/dist/session/session-manager.js.map +0 -1
package/dist/session/session-timeout.d.ts.map +0 -1
package/dist/session/session-timeout.js.map +0 -1
package/dist/session/shared-context-manager.d.ts.map +0 -1
package/dist/session/shared-context-manager.js.map +0 -1
package/dist/tools/annotations.d.ts.map +0 -1
package/dist/tools/annotations.js.map +0 -1
package/dist/tools/definitions/ask-question.d.ts.map +0 -1
package/dist/tools/definitions/ask-question.js.map +0 -1
package/dist/tools/definitions/chat-history.d.ts.map +0 -1
package/dist/tools/definitions/chat-history.js.map +0 -1
package/dist/tools/definitions/data-tables.d.ts.map +0 -1
package/dist/tools/definitions/data-tables.js.map +0 -1
package/dist/tools/definitions/gemini.d.ts.map +0 -1
package/dist/tools/definitions/gemini.js.map +0 -1
package/dist/tools/definitions/notebook-management.d.ts.map +0 -1
package/dist/tools/definitions/notebook-management.js.map +0 -1
package/dist/tools/definitions/query-history.d.ts.map +0 -1
package/dist/tools/definitions/query-history.js.map +0 -1
package/dist/tools/definitions/session-management.d.ts.map +0 -1
package/dist/tools/definitions/session-management.js.map +0 -1
package/dist/tools/definitions/system.d.ts.map +0 -1
package/dist/tools/definitions/system.js.map +0 -1
package/dist/tools/definitions/video.d.ts.map +0 -1
package/dist/tools/definitions/video.js.map +0 -1
package/dist/tools/definitions.d.ts.map +0 -1
package/dist/tools/definitions.js.map +0 -1
package/dist/tools/handlers/ask-question.d.ts.map +0 -1
package/dist/tools/handlers/ask-question.js.map +0 -1
package/dist/tools/handlers/audio-video.d.ts.map +0 -1
package/dist/tools/handlers/audio-video.js.map +0 -1
package/dist/tools/handlers/auth.d.ts.map +0 -1
package/dist/tools/handlers/auth.js.map +0 -1
package/dist/tools/handlers/error-utils.d.ts.map +0 -1
package/dist/tools/handlers/error-utils.js.map +0 -1
package/dist/tools/handlers/gemini.d.ts.map +0 -1
package/dist/tools/handlers/gemini.js.map +0 -1
package/dist/tools/handlers/index.d.ts.map +0 -1
package/dist/tools/handlers/index.js.map +0 -1
package/dist/tools/handlers/notebook-creation.d.ts.map +0 -1
package/dist/tools/handlers/notebook-creation.js.map +0 -1
package/dist/tools/handlers/notebook-management.d.ts.map +0 -1
package/dist/tools/handlers/notebook-management.js.map +0 -1
package/dist/tools/handlers/session-management.d.ts.map +0 -1
package/dist/tools/handlers/session-management.js.map +0 -1
package/dist/tools/handlers/system.d.ts.map +0 -1
package/dist/tools/handlers/system.js.map +0 -1
package/dist/tools/handlers/types.d.ts.map +0 -1
package/dist/tools/handlers/types.js.map +0 -1
package/dist/tools/handlers/webhooks.d.ts.map +0 -1
package/dist/tools/handlers/webhooks.js.map +0 -1
package/dist/tools/handlers.d.ts +0 -666
package/dist/tools/handlers.d.ts.map +0 -1
package/dist/tools/handlers.js +0 -2929
package/dist/tools/handlers.js.map +0 -1
package/dist/tools/icons.d.ts.map +0 -1
package/dist/tools/icons.js.map +0 -1
package/dist/tools/index.d.ts.map +0 -1
package/dist/tools/index.js.map +0 -1
package/dist/types.d.ts.map +0 -1
package/dist/types.js.map +0 -1
package/dist/utils/audit-logger.d.ts.map +0 -1
package/dist/utils/audit-logger.js.map +0 -1
package/dist/utils/cert-pinning.d.ts +0 -97
package/dist/utils/cert-pinning.d.ts.map +0 -1
package/dist/utils/cert-pinning.js +0 -328
package/dist/utils/cert-pinning.js.map +0 -1
package/dist/utils/cleanup-manager.d.ts.map +0 -1
package/dist/utils/cleanup-manager.js.map +0 -1
package/dist/utils/cli-handler.d.ts.map +0 -1
package/dist/utils/cli-handler.js.map +0 -1
package/dist/utils/crypto.d.ts.map +0 -1
package/dist/utils/crypto.js.map +0 -1
package/dist/utils/file-lock.d.ts.map +0 -1
package/dist/utils/file-lock.js.map +0 -1
package/dist/utils/file-permissions.d.ts.map +0 -1
package/dist/utils/file-permissions.js.map +0 -1
package/dist/utils/logger.d.ts.map +0 -1
package/dist/utils/logger.js.map +0 -1
package/dist/utils/page-utils.d.ts.map +0 -1
package/dist/utils/page-utils.js.map +0 -1
package/dist/utils/response-validator.d.ts.map +0 -1
package/dist/utils/response-validator.js.map +0 -1
package/dist/utils/secrets-scanner.d.ts.map +0 -1
package/dist/utils/secrets-scanner.js.map +0 -1
package/dist/utils/secure-memory.d.ts.map +0 -1
package/dist/utils/secure-memory.js.map +0 -1
package/dist/utils/security.d.ts.map +0 -1
package/dist/utils/security.js.map +0 -1
package/dist/utils/settings-manager.d.ts.map +0 -1
package/dist/utils/settings-manager.js.map +0 -1
package/dist/utils/stealth-utils.d.ts.map +0 -1
package/dist/utils/stealth-utils.js.map +0 -1
package/dist/utils/tool-validation.d.ts +0 -93
package/dist/utils/tool-validation.d.ts.map +0 -1
package/dist/utils/tool-validation.js +0 -277
package/dist/utils/tool-validation.js.map +0 -1
package/dist/webhooks/index.d.ts.map +0 -1
package/dist/webhooks/index.js.map +0 -1
package/dist/webhooks/types.d.ts.map +0 -1
package/dist/webhooks/types.js.map +0 -1
package/dist/webhooks/webhook-dispatcher.d.ts.map +0 -1
package/dist/webhooks/webhook-dispatcher.js.map +0 -1
package/docs/COMPLIANCE-SPEC.md +0 -1452
package/docs/MCP-DIRECTORY-LISTINGS.md +0 -91
package/docs/SECURITY-FORK-OPPORTUNITIES.md +0 -79
package/docs/SECURITY_IMPLEMENTATION_PLAN.md +0 -437
package/docs/archive/ISSUES-legacy-2026-04-24.md +0 -644
package/docs/configuration.md +0 -94
package/docs/dependency-risk.md +0 -25
package/docs/improvement-sprint-2026.2.10.md +0 -210
package/docs/testing-runbook.md +0 -166
package/docs/tools.md +0 -34
package/docs/troubleshooting.md +0 -59
package/docs/usage-guide.md +0 -246

package/dist/gemini/pdf-chunker.js CHANGED Viewed

@@ -22,6 +22,17 @@ export const GEMINI_LIMITS = {
     chunkPages: 500, // Pages per chunk
     chunkSizeBytes: 25 * 1024 * 1024, // 25MB target per chunk
 };
+/**
+ * Hard DoS-protection ceilings. These are distinct from the chunking thresholds
+ * above (which decide *whether* to split a legitimately large file). A file
+ * above these ceilings is REJECTED outright — never read fully into memory or
+ * parsed — because an untrusted PDF (decompression bomb, deeply-nested object
+ * graph, absurd page count) can OOM the process from a single upload.
+ */
+// Reject any file larger than this BEFORE reading it into memory.
+const MAX_ACCEPTED_FILE_SIZE_BYTES = 200 * 1024 * 1024; // 200MB
+// Reject any PDF with more pages than this AFTER load, before walking the graph.
+const MAX_ACCEPTED_PAGES = 10000;
 /**
  * Analyze a PDF to determine if it needs chunking
  */
@@ -29,7 +40,12 @@ export async function analyzePdf(filePath) {
     const stats = await fs.promises.stat(filePath);
     const fileName = path.basename(filePath);
     const fileSize = stats.size;
-    // Check file size first (quick check)
+    // DoS guard: reject absurdly large files BEFORE reading them into memory.
+    if (fileSize > MAX_ACCEPTED_FILE_SIZE_BYTES) {
+        throw new Error(`PDF rejected: file size ${formatBytes(fileSize)} exceeds the hard limit of ${formatBytes(MAX_ACCEPTED_FILE_SIZE_BYTES)}`);
+    }
+    // Files between the chunk threshold and the hard ceiling are legitimately
+    // large and get split into chunks (page count is unknown until read).
     if (fileSize > GEMINI_LIMITS.maxFileSizeBytes) {
         const estimatedChunks = Math.ceil(fileSize / GEMINI_LIMITS.chunkSizeBytes);
         return {
@@ -42,48 +58,48 @@ export async function analyzePdf(filePath) {
             reason: `File size ${formatBytes(fileSize)} exceeds 50MB limit`,
         };
     }
-    // Read PDF to get page count
+    // Read PDF to get page count. Do NOT ignore encryption: refuse to decrypt
+    // hostile input. PDFDocument.load throws on encrypted documents when
+    // ignoreEncryption is false, which we treat as a fail-closed rejection below.
+    let pdfDoc;
     try {
         const pdfBytes = await fs.promises.readFile(filePath);
-        const pdfDoc = await PDFDocument.load(pdfBytes, {
-            ignoreEncryption: true,
+        pdfDoc = await PDFDocument.load(pdfBytes, {
+            ignoreEncryption: false,
         });
-        const pageCount = pdfDoc.getPageCount();
-        if (pageCount > GEMINI_LIMITS.maxPages) {
-            const estimatedChunks = Math.ceil(pageCount / GEMINI_LIMITS.chunkPages);
-            return {
-                filePath,
-                fileName,
-                fileSize,
-                pageCount,
-                needsChunking: true,
-                estimatedChunks,
-                reason: `Page count ${pageCount} exceeds 1000 page limit`,
-            };
-        }
-        return {
-            filePath,
-            fileName,
-            fileSize,
-            pageCount,
-            needsChunking: false,
-            estimatedChunks: 1,
-        };
     }
     catch (error) {
-        // If we can't read the PDF, assume it doesn't need chunking
-        // and let Gemini handle the error
-        log.warning(`Could not analyze PDF ${fileName}: ${error}`);
+        // FAIL CLOSED: an unparseable/encrypted/malformed PDF is rejected rather
+        // than passed downstream for Gemini to "handle".
+        const msg = error instanceof Error ? error.message : String(error);
+        log.warning(`Rejecting PDF ${fileName}: could not parse (it may be encrypted or malformed): ${msg}`);
+        throw new Error(`PDF rejected: could not parse (it may be encrypted or malformed): ${msg}`);
+    }
+    const pageCount = pdfDoc.getPageCount();
+    // DoS guard: reject PDFs with an absurd page count.
+    if (pageCount > MAX_ACCEPTED_PAGES) {
+        throw new Error(`PDF rejected: page count ${pageCount} exceeds the hard limit of ${MAX_ACCEPTED_PAGES}`);
+    }
+    if (pageCount > GEMINI_LIMITS.maxPages) {
+        const estimatedChunks = Math.ceil(pageCount / GEMINI_LIMITS.chunkPages);
         return {
             filePath,
             fileName,
             fileSize,
-            pageCount: -1,
-            needsChunking: false,
-            estimatedChunks: 1,
-            reason: `Could not analyze: ${error}`,
+            pageCount,
+            needsChunking: true,
+            estimatedChunks,
+            reason: `Page count ${pageCount} exceeds 1000 page limit`,
         };
     }
+    return {
+        filePath,
+        fileName,
+        fileSize,
+        pageCount,
+        needsChunking: false,
+        estimatedChunks: 1,
+    };
 }
 /**
  * Split a PDF into chunks
@@ -93,12 +109,22 @@ export async function chunkPdf(filePath) {
     const tempDir = await fs.promises.mkdtemp(path.join(os.tmpdir(), "pdf-chunks-"));
     try {
         log.info(`Chunking PDF: ${filePath}`);
-        // Read the original PDF
+        // DoS guard: reject absurdly large files BEFORE reading into memory.
+        const stats = await fs.promises.stat(filePath);
+        if (stats.size > MAX_ACCEPTED_FILE_SIZE_BYTES) {
+            throw new Error(`PDF rejected: file size ${formatBytes(stats.size)} exceeds the hard limit of ${formatBytes(MAX_ACCEPTED_FILE_SIZE_BYTES)}`);
+        }
+        // Read the original PDF. Do NOT ignore encryption: refuse to decrypt
+        // hostile input (load throws on encrypted PDFs when ignoreEncryption=false).
         const pdfBytes = await fs.promises.readFile(filePath);
         const pdfDoc = await PDFDocument.load(pdfBytes, {
-            ignoreEncryption: true,
+            ignoreEncryption: false,
         });
         const totalPages = pdfDoc.getPageCount();
+        // DoS guard: reject PDFs with an absurd page count before walking the graph.
+        if (totalPages > MAX_ACCEPTED_PAGES) {
+            throw new Error(`PDF rejected: page count ${totalPages} exceeds the hard limit of ${MAX_ACCEPTED_PAGES}`);
+        }
         log.info(`PDF has ${totalPages} pages, splitting into chunks...`);
         const chunks = [];
         let currentPage = 0;
@@ -194,4 +220,3 @@ function formatBytes(bytes) {
         return `${(bytes / (1024 * 1024)).toFixed(1)} MB`;
     return `${(bytes / (1024 * 1024 * 1024)).toFixed(1)} GB`;
 }
-//# sourceMappingURL=pdf-chunker.js.map

package/dist/gemini/types.d.ts CHANGED Viewed

@@ -264,4 +264,3 @@ export interface ListDocumentsResult {
     /** Next page token (if more results) */
     nextPageToken?: string;
 }
-//# sourceMappingURL=types.d.ts.map

package/dist/gemini/types.js CHANGED Viewed

@@ -7,4 +7,3 @@
  * Deep Research agent ID
  */
 export const DEEP_RESEARCH_AGENT = "deep-research-pro-preview-12-2025";
-//# sourceMappingURL=types.js.map

package/dist/index.d.ts CHANGED Viewed

@@ -80,4 +80,3 @@ export declare class NotebookLMMCPServer {
  * Main entry point
  */
 export declare function main(): Promise<void>;
-//# sourceMappingURL=index.d.ts.map

package/dist/index.js CHANGED Viewed

@@ -558,8 +558,10 @@ export class NotebookLMMCPServer {
         try {
             const breachDetector = getBreachDetector();
             getAuditLogger().onEvent(async (event) => {
-                if (event.eventType !== "auth" && event.eventType !== "security")
-                    return;
+                // Forward ALL event types to checkEvent; it filters by event_pattern.
+                // A pre-filter on eventType dropped non-auth rules (secrets_detected in
+                // tool output, prompt_injection, data_export, encryption_error) before
+                // pattern matching, leaving those critical/high rules dead (M20).
                 try {
                     await breachDetector.checkEvent(event.eventName, event.details);
                 }
@@ -575,11 +577,63 @@ export class NotebookLMMCPServer {
         // Pipe audit events to SIEM when enabled (I247). exportToSIEM is a no-op
         // when NLMCP_SIEM_ENABLED is not true.
         try {
+            // Event types whose SUCCESSFUL operations must still reach the SIEM so the
+            // tamper-evident external copy is complete (M21). Without flooring these to
+            // at least "warning", successful grant_consent / request_data_erasure /
+            // submit_dsar / config / retention events would map to "info" and be dropped
+            // by the default min_severity ("warning").
+            const SIEM_FLOOR_TYPES = new Set(["compliance", "data_access", "configuration", "retention"]);
+            // SIEM export crosses the local-only boundary asserted by the privacy notice
+            // ("Local device only"). audit-logger only sanitizes by KEY name, so free-text
+            // VALUES (and args_summary content) would egress raw PII to the external SIEM
+            // endpoint (L52). Value-scrub here before forwarding: drop known free-text PII
+            // fields to a short content hash + length marker, and truncate other long
+            // free-text values, so raw PII does not leave the host.
+            const SIEM_FREE_TEXT_PII_FIELDS = new Set([
+                "description", "reason", "details", "title", "question", "answer", "args_summary",
+            ]);
+            const SIEM_MAX_VALUE_LEN = 120;
+            const scrubValueForSIEM = (key, value) => {
+                if (typeof value === "string") {
+                    if (SIEM_FREE_TEXT_PII_FIELDS.has(key.toLowerCase())) {
+                        const digest = crypto.createHash("sha256").update(value).digest("hex").slice(0, 12);
+                        return `[scrubbed sha256:${digest} len:${value.length}]`;
+                    }
+                    if (value.length > SIEM_MAX_VALUE_LEN) {
+                        return `${value.slice(0, SIEM_MAX_VALUE_LEN)}…[truncated len:${value.length}]`;
+                    }
+                    return value;
+                }
+                if (Array.isArray(value)) {
+                    return value.map((item) => scrubValueForSIEM(key, item));
+                }
+                if (value !== null && typeof value === "object") {
+                    return scrubDetailsForSIEM(value);
+                }
+                return value;
+            };
+            const scrubDetailsForSIEM = (details) => {
+                const scrubbed = {};
+                for (const [key, value] of Object.entries(details)) {
+                    scrubbed[key] = scrubValueForSIEM(key, value);
+                }
+                return scrubbed;
+            };
             getAuditLogger().onEvent(async (event) => {
-                const severity = event.eventType === "security" && typeof event.details.severity === "string"
-                    ? event.details.severity
-                    : event.success ? "info" : "error";
-                await exportToSIEM(event.eventType, event.eventName, severity, `${event.eventType}:${event.eventName}`, "audit-logger", event.details);
+                let severity;
+                if (event.eventType === "security" && typeof event.details.severity === "string") {
+                    severity = event.details.severity;
+                }
+                else if (!event.success) {
+                    severity = "error";
+                }
+                else if (SIEM_FLOOR_TYPES.has(event.eventType)) {
+                    severity = "warning";
+                }
+                else {
+                    severity = "info";
+                }
+                await exportToSIEM(event.eventType, event.eventName, severity, `${event.eventType}:${event.eventName}`, "audit-logger", scrubDetailsForSIEM(event.details));
             });
             log.info("📡 SIEM audit export bridge registered");
         }
@@ -730,4 +784,3 @@ if (isDirectRun) {
 else if (process.argv[1] && process.env.NLMCP_DEBUG) {
     log.debug(`entry-point guard: argv[1]=${process.argv[1]} did not resolve to ${import.meta.url} — main() skipped`);
 }
-//# sourceMappingURL=index.js.map

package/dist/library/notebook-library.d.ts CHANGED Viewed

@@ -14,6 +14,8 @@ export declare class NotebookLibrary {
     private projectInfo;
     private useProjectLibrary;
     private saveTimer;
+    /** Pending use-count deltas keyed by notebook id, flushed by the debounced save. (M25) */
+    private pendingUseCounts;
     constructor(options?: {
         projectId?: string;
         useProjectLibrary?: boolean;
@@ -47,7 +49,24 @@ export declare class NotebookLibrary {
      */
     private saveLibrary;
     /**
-     * Generate a unique ID from a string (slug format)
+     * Read the library file from disk without mutating in-memory state.
+     * Used inside the lock to pick up changes made by concurrent sessions. (M25)
+     */
+    private readLibraryFromDisk;
+    /**
+     * Atomically apply a read-modify-write to the library file.
+     *
+     * Holds a cross-process lock, reloads the latest library from disk (so a
+     * concurrent session's notebooks aren't clobbered), applies `mutate` to a
+     * deep copy, persists it, and only then commits it to this.library. If the
+     * write throws, this.library is left untouched. (M25)
+     */
+    private mutateLibrary;
+    /**
+     * Generate a unique ID from a string (slug format).
+     * Uniqueness is checked against the supplied library (defaults to the
+     * in-memory one) so callers inside mutateLibrary can de-dupe against the
+     * freshly-reloaded disk state. (M25)
      */
     private generateId;
     /**
@@ -86,6 +105,16 @@ export declare class NotebookLibrary {
      * Debounced save — avoids writing to disk on every single query
      */
     private debouncedSave;
+    /**
+     * Synchronously flush any pending debounced use-count updates to disk under
+     * the cross-process lock, re-applying the accumulated deltas to the latest
+     * on-disk library so concurrent sessions' notebooks and counts survive. (M25)
+     */
+    flushSave(): void;
+    /**
+     * Release resources: flush pending writes and detach shutdown handlers. (M25)
+     */
+    close(): void;
     /**
      * Get library statistics
      */
@@ -95,4 +124,3 @@ export declare class NotebookLibrary {
      */
     searchNotebooks(query: string): NotebookEntry[];
 }
-//# sourceMappingURL=notebook-library.d.ts.map