npm - @runcontext/db - Versions diffs - 0.5.3 - Mend

@runcontext/db 0.5.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2026 Eric Kittelson
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/dist/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ #!/usr/bin/env node

package/dist/index.js ADDED Viewed

@@ -0,0 +1,508 @@
+#!/usr/bin/env node
+#!/usr/bin/env node
+// src/server.ts
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { z } from "zod";
+import { createAdapter } from "@runcontext/core";
+// src/guardrails.ts
+function enforceReadOnly(adapter) {
+  switch (adapter) {
+    case "postgres":
+      return "SET default_transaction_read_only = ON";
+    case "mysql":
+      return "SET SESSION TRANSACTION READ ONLY";
+    case "duckdb":
+      return null;
+    // DuckDB: no session-level read-only SQL; use access_mode=read_only in connection config
+    case "mssql":
+      return null;
+    // MSSQL: no session-level read-only SQL; use db_query validation instead
+    case "snowflake":
+      return null;
+    // Snowflake uses role-based access; no session-level read-only SQL
+    case "bigquery":
+      return null;
+    // BigQuery is read-only for queries by default (no DML in standard SQL mode)
+    case "clickhouse":
+      return "SET readonly = 1";
+    case "databricks":
+      return null;
+    // Databricks uses role-based access control
+    case "sqlite":
+      return "PRAGMA query_only = ON";
+    default:
+      return null;
+  }
+}
+function applyRowLimit(query, limit) {
+  const trimmed = query.trim().replace(/;+\s*$/, "");
+  const limitMatch = trimmed.match(/\bLIMIT\s+(\d+)\s*$/i);
+  if (limitMatch) {
+    const existingLimit = parseInt(limitMatch[1], 10);
+    const effectiveLimit = Math.min(existingLimit, limit);
+    return trimmed.replace(/\bLIMIT\s+\d+\s*$/i, `LIMIT ${effectiveLimit}`);
+  }
+  return `${trimmed}
+LIMIT ${limit}`;
+}
+function applyTimeout(adapter, ms) {
+  switch (adapter) {
+    case "postgres":
+      return `SET statement_timeout = ${ms}`;
+    case "mysql":
+      return `SET SESSION MAX_EXECUTION_TIME = ${ms}`;
+    case "duckdb":
+      return null;
+    // DuckDB doesn't support statement timeouts via SQL
+    case "mssql":
+      return null;
+    // MSSQL uses connection-level timeouts, not SQL
+    case "snowflake":
+      return `ALTER SESSION SET STATEMENT_TIMEOUT_IN_SECONDS = ${Math.ceil(ms / 1e3)}`;
+    case "bigquery":
+      return null;
+    // BigQuery uses API-level timeouts
+    case "clickhouse":
+      return `SET max_execution_time = ${Math.ceil(ms / 1e3)}`;
+    case "databricks":
+      return null;
+    // Databricks uses API-level timeouts
+    case "sqlite":
+      return null;
+    // SQLite uses API-level timeouts
+    default:
+      return null;
+  }
+}
+var DEFAULT_ROW_LIMIT = 100;
+var MAX_QUERY_ROW_LIMIT = 1e3;
+var DEFAULT_TIMEOUT_MS = 3e4;
+var DDL_KEYWORDS = ["CREATE", "DROP", "ALTER", "TRUNCATE", "RENAME"];
+var DML_KEYWORDS = ["INSERT", "UPDATE", "DELETE", "MERGE", "UPSERT"];
+var ADMIN_KEYWORDS = [
+  "GRANT",
+  "REVOKE",
+  "CALL",
+  "EXEC",
+  "COPY",
+  "LOAD",
+  "VACUUM",
+  "BEGIN",
+  "COMMIT",
+  "ROLLBACK",
+  "LOCK",
+  "SET",
+  "RESET"
+];
+var ALLOWED_KEYWORDS = ["SELECT", "WITH", "EXPLAIN", "SHOW", "DESCRIBE", "VALUES"];
+function validateReadOnlySQL(sql) {
+  const trimmed = sql.trim();
+  if (!trimmed) {
+    return { valid: false, reason: "Query is empty" };
+  }
+  const withoutTrailingSemicolon = trimmed.replace(/;+\s*$/, "");
+  if (withoutTrailingSemicolon.includes(";")) {
+    return { valid: false, reason: "Multi-statement queries are not allowed" };
+  }
+  const firstWord = trimmed.split(/\s+/)[0].toUpperCase();
+  const allDisallowed = [...DDL_KEYWORDS, ...DML_KEYWORDS, ...ADMIN_KEYWORDS];
+  if (allDisallowed.includes(firstWord)) {
+    return { valid: false, reason: `Statement type '${firstWord}' is not allowed. Only read-only queries are permitted.` };
+  }
+  if (!ALLOWED_KEYWORDS.includes(firstWord)) {
+    return { valid: false, reason: `Statement type '${firstWord}' is not recognized as a read-only query` };
+  }
+  if (firstWord === "WITH") {
+    const allMutating = [...DDL_KEYWORDS, ...DML_KEYWORDS, ...ADMIN_KEYWORDS];
+    const mutatingPattern = new RegExp(
+      `\\b(${allMutating.join("|")})\\b`,
+      "i"
+    );
+    if (mutatingPattern.test(withoutTrailingSemicolon)) {
+      return {
+        valid: false,
+        reason: "CTE body contains a mutating statement. Only read-only queries are permitted."
+      };
+    }
+  }
+  return { valid: true };
+}
+// src/tools.ts
+async function listSchemas(adapter, adapterType) {
+  let sql;
+  switch (adapterType) {
+    case "sqlite":
+    case "duckdb":
+      sql = "SELECT DISTINCT schema_name FROM information_schema.schemata ORDER BY schema_name";
+      break;
+    case "bigquery":
+      sql = "SELECT schema_name FROM INFORMATION_SCHEMA.SCHEMATA ORDER BY schema_name";
+      break;
+    case "databricks":
+      sql = "SHOW SCHEMAS";
+      break;
+    default:
+      sql = "SELECT schema_name FROM information_schema.schemata ORDER BY schema_name";
+  }
+  try {
+    const result = await adapter.query(sql);
+    const schemas = result.rows.map((row) => {
+      const firstCol = result.columns[0];
+      return String(firstCol ? row[firstCol] : Object.values(row)[0]);
+    });
+    return { schemas };
+  } catch {
+    return { schemas: [] };
+  }
+}
+async function listTables(adapter) {
+  const tables = await adapter.listTables();
+  return { tables };
+}
+async function describeTable(adapter, table) {
+  const columns = await adapter.listColumns(table);
+  return { table, columns };
+}
+async function sampleValues(adapter, table, limit) {
+  const effectiveLimit = Math.min(limit ?? DEFAULT_ROW_LIMIT, DEFAULT_ROW_LIMIT);
+  const sql = applyRowLimit(`SELECT * FROM ${quoteIdentifier(table)}`, effectiveLimit);
+  const result = await adapter.query(sql);
+  return {
+    table,
+    query: sql,
+    columns: result.columns,
+    rows: result.rows,
+    row_count: result.row_count
+  };
+}
+async function listRelationships(adapter, adapterType, table) {
+  let sql;
+  switch (adapterType) {
+    case "postgres":
+    case "mysql":
+    case "mssql":
+    case "snowflake": {
+      const whereClause = table ? `AND kcu.table_name = '${escapeString(table)}'` : "";
+      sql = `
+        SELECT
+          kcu.constraint_name,
+          kcu.table_name AS source_table,
+          kcu.column_name AS source_column,
+          ccu.table_name AS target_table,
+          ccu.column_name AS target_column
+        FROM information_schema.key_column_usage kcu
+        JOIN information_schema.constraint_column_usage ccu
+          ON kcu.constraint_name = ccu.constraint_name
+        JOIN information_schema.table_constraints tc
+          ON kcu.constraint_name = tc.constraint_name
+        WHERE tc.constraint_type = 'FOREIGN KEY'
+        ${whereClause}
+        ORDER BY kcu.constraint_name, kcu.ordinal_position
+      `;
+      break;
+    }
+    case "sqlite": {
+      if (!table) {
+        const tables = await adapter.listTables();
+        const allRels = [];
+        for (const t of tables) {
+          try {
+            const result = await adapter.query(`PRAGMA foreign_key_list("${t.name.replace(/"/g, '""')}")`);
+            for (const row of result.rows) {
+              allRels.push({
+                constraint_name: `fk_${t.name}_${row["from"]}`,
+                source_table: t.name,
+                source_column: String(row["from"]),
+                target_table: String(row["table"]),
+                target_column: String(row["to"])
+              });
+            }
+          } catch {
+          }
+        }
+        return { relationships: allRels };
+      }
+      sql = `PRAGMA foreign_key_list("${table.replace(/"/g, '""')}")`;
+      try {
+        const result = await adapter.query(sql);
+        const relationships = result.rows.map((row) => ({
+          constraint_name: `fk_${table}_${row["from"]}`,
+          source_table: table,
+          source_column: String(row["from"]),
+          target_table: String(row["table"]),
+          target_column: String(row["to"])
+        }));
+        return { relationships };
+      } catch {
+        return { relationships: [] };
+      }
+    }
+    case "duckdb": {
+      const whereClause = table ? `WHERE source_table = '${escapeString(table)}'` : "";
+      sql = `
+        SELECT
+          constraint_name,
+          source_table,
+          source_column,
+          target_table,
+          target_column
+        FROM (
+          SELECT
+            dc.constraint_name,
+            dc.table_name AS source_table,
+            unnest(dc.constraint_column_names) AS source_column,
+            rc.table_name AS target_table,
+            unnest(rc.constraint_column_names) AS target_column
+          FROM duckdb_constraints() dc
+          JOIN duckdb_constraints() rc
+            ON dc.constraint_name IS NOT NULL
+            AND dc.constraint_type = 'FOREIGN KEY'
+            AND rc.constraint_type = 'PRIMARY KEY'
+        ) sub
+        ${whereClause}
+        ORDER BY constraint_name
+      `;
+      break;
+    }
+    default:
+      return { relationships: [] };
+  }
+  try {
+    const result = await adapter.query(sql);
+    const relationships = result.rows.map((row) => ({
+      constraint_name: String(row["constraint_name"] ?? ""),
+      source_table: String(row["source_table"] ?? ""),
+      source_column: String(row["source_column"] ?? ""),
+      target_table: String(row["target_table"] ?? ""),
+      target_column: String(row["target_column"] ?? "")
+    }));
+    return { relationships };
+  } catch {
+    return { relationships: [] };
+  }
+}
+async function executeQuery(adapter, sql, limit) {
+  const validation = validateReadOnlySQL(sql);
+  if (!validation.valid) {
+    throw new Error(validation.reason);
+  }
+  const effectiveLimit = Math.min(limit ?? DEFAULT_ROW_LIMIT, MAX_QUERY_ROW_LIMIT);
+  const limitedSql = applyRowLimit(sql, effectiveLimit);
+  const result = await adapter.query(limitedSql);
+  return {
+    query: limitedSql,
+    columns: result.columns,
+    rows: result.rows,
+    row_count: result.row_count,
+    truncated: result.row_count >= effectiveLimit
+  };
+}
+function quoteIdentifier(name) {
+  if (name.includes(".")) {
+    return name.split(".").map((part) => `"${part.replace(/"/g, '""')}"`).join(".");
+  }
+  return `"${name.replace(/"/g, '""')}"`;
+}
+function escapeString(value) {
+  return value.replace(/'/g, "''");
+}
+// src/server.ts
+function detectAdapter(url2) {
+  if (url2.startsWith("postgres://") || url2.startsWith("postgresql://")) return "postgres";
+  if (url2.startsWith("mysql://")) return "mysql";
+  if (url2.startsWith("mssql://") || url2.startsWith("sqlserver://")) return "mssql";
+  if (url2.startsWith("clickhouse://")) return "clickhouse";
+  if (url2.endsWith(".duckdb") || url2.endsWith(".db") || url2.startsWith("duckdb://")) return "duckdb";
+  if (url2.endsWith(".sqlite") || url2.endsWith(".sqlite3") || url2.startsWith("sqlite://")) return "sqlite";
+  if (url2.includes("snowflake")) return "snowflake";
+  if (url2.includes("bigquery")) return "bigquery";
+  if (url2.includes("databricks")) return "databricks";
+  throw new Error(`Cannot detect adapter from URL: ${url2}. Please provide a recognizable connection string.`);
+}
+function buildConfig(url2, adapterType) {
+  switch (adapterType) {
+    case "postgres":
+    case "mysql":
+    case "mssql":
+      return { adapter: adapterType, connection: url2 };
+    case "duckdb":
+      return { adapter: "duckdb", path: url2.replace(/^duckdb:\/\//, "") };
+    case "sqlite":
+      return { adapter: "sqlite", path: url2.replace(/^sqlite:\/\//, "") };
+    default:
+      return { adapter: adapterType, connection: url2 };
+  }
+}
+function createDbServer(adapter, adapterType) {
+  const server = new McpServer({
+    name: "runcontext-db",
+    version: "0.5.2"
+  });
+  server.tool(
+    "db_list_schemas",
+    "List all schemas (databases/namespaces) available in the connected database",
+    {},
+    async () => {
+      const result = await listSchemas(adapter, adapterType);
+      return {
+        content: [{ type: "text", text: JSON.stringify(result, null, 2) }]
+      };
+    }
+  );
+  server.tool(
+    "db_list_tables",
+    "List all tables and views with row counts, types, and schema information",
+    {},
+    async () => {
+      const result = await listTables(adapter);
+      return {
+        content: [{ type: "text", text: JSON.stringify(result, null, 2) }]
+      };
+    }
+  );
+  server.tool(
+    "db_describe_table",
+    "Describe a table's columns including data types, nullability, and primary keys",
+    {
+      table: z.string().describe('Table name to describe (e.g. "users" or "public.users")')
+    },
+    async ({ table }) => {
+      const result = await describeTable(adapter, table);
+      return {
+        content: [{ type: "text", text: JSON.stringify(result, null, 2) }]
+      };
+    }
+  );
+  server.tool(
+    "db_sample_values",
+    "Sample rows from a table (max 100 rows). Read-only, with automatic row limit guardrails.",
+    {
+      table: z.string().describe("Table name to sample from"),
+      limit: z.number().int().min(1).max(100).optional().describe("Number of rows to return (default 100, max 100)")
+    },
+    async ({ table, limit }) => {
+      const result = await sampleValues(adapter, table, limit);
+      return {
+        content: [{ type: "text", text: JSON.stringify(result, null, 2) }]
+      };
+    }
+  );
+  server.tool(
+    "db_relationships",
+    "List foreign key relationships. Optionally filter by a specific table.",
+    {
+      table: z.string().optional().describe("Optional table name to filter relationships for")
+    },
+    async ({ table }) => {
+      const result = await listRelationships(adapter, adapterType, table);
+      return {
+        content: [{ type: "text", text: JSON.stringify(result, null, 2) }]
+      };
+    }
+  );
+  server.tool(
+    "db_query",
+    "Execute a read-only SQL query. Only SELECT statements are allowed. Automatically enforces row limits and timeouts.",
+    {
+      sql: z.string().describe("SQL query to execute (SELECT only)"),
+      limit: z.number().int().min(1).max(1e3).optional().describe("Maximum rows to return (default 100, max 1000)")
+    },
+    async ({ sql, limit }) => {
+      try {
+        const result = await executeQuery(adapter, sql, limit);
+        return {
+          content: [{ type: "text", text: JSON.stringify(result, null, 2) }]
+        };
+      } catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        return {
+          content: [{ type: "text", text: JSON.stringify({ error: message }) }],
+          isError: true
+        };
+      }
+    }
+  );
+  return server;
+}
+async function startServer(url2) {
+  const adapterType = detectAdapter(url2);
+  const config = buildConfig(url2, adapterType);
+  const adapter = await createAdapter(config);
+  await adapter.connect();
+  const readOnlySql = enforceReadOnly(adapterType);
+  if (readOnlySql) {
+    try {
+      await adapter.query(readOnlySql);
+    } catch {
+      console.error(`Warning: Could not set read-only mode for ${adapterType}`);
+    }
+  }
+  const timeoutSql = applyTimeout(adapterType, DEFAULT_TIMEOUT_MS);
+  if (timeoutSql) {
+    try {
+      await adapter.query(timeoutSql);
+    } catch {
+      console.error(`Warning: Could not set query timeout for ${adapterType}`);
+    }
+  }
+  const server = createDbServer(adapter, adapterType);
+  const transport = new StdioServerTransport();
+  await server.connect(transport);
+  process.on("SIGINT", async () => {
+    await adapter.disconnect();
+    process.exit(0);
+  });
+  process.on("SIGTERM", async () => {
+    await adapter.disconnect();
+    process.exit(0);
+  });
+  return server;
+}
+// src/index.ts
+var args = process.argv.slice(2);
+function getArg(name) {
+  const idx = args.indexOf(name);
+  if (idx !== -1 && idx + 1 < args.length) {
+    return args[idx + 1];
+  }
+  const prefix = `${name}=`;
+  const match = args.find((a) => a.startsWith(prefix));
+  return match?.slice(prefix.length);
+}
+var url = getArg("--url");
+var authKey = getArg("--auth");
+if (!url && !authKey) {
+  console.error("Usage: runcontext-db --url <connection-string>");
+  console.error("       runcontext-db --auth <provider:key>");
+  console.error("");
+  console.error("Examples:");
+  console.error("  runcontext-db --url postgres://user:pass@localhost:5432/mydb");
+  console.error("  runcontext-db --url mysql://user:pass@localhost:3306/mydb");
+  console.error("  runcontext-db --url /path/to/database.duckdb");
+  console.error("  runcontext-db --url /path/to/database.sqlite");
+  console.error("  runcontext-db --auth neon:my-project");
+  process.exit(1);
+}
+if (authKey) {
+  import("@runcontext/core").then(async ({ createDefaultRegistry, CredentialStore, resolveAuthConnection }) => {
+    const registry = createDefaultRegistry();
+    const store = new CredentialStore();
+    const resolvedUrl = await resolveAuthConnection(authKey, registry, store);
+    return startServer(resolvedUrl);
+  }).catch((err) => {
+    console.error("Failed to resolve auth credentials:", err);
+    process.exit(1);
+  });
+} else {
+  startServer(url).catch((err) => {
+    console.error("Failed to start runcontext-db server:", err);
+    process.exit(1);
+  });
+}
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/server.ts","../src/guardrails.ts","../src/tools.ts","../src/index.ts"],"sourcesContent":["import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';\nimport { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';\nimport { z } from 'zod';\nimport type { DataAdapter, AdapterType } from '@runcontext/core';\nimport { createAdapter } from '@runcontext/core';\n\nimport { enforceReadOnly, applyTimeout, DEFAULT_TIMEOUT_MS } from './guardrails.js';\nimport { listSchemas, listTables, describeTable, sampleValues, listRelationships, executeQuery } from './tools.js';\n\n/**\n * Detect the adapter type from a connection URL.\n */\nexport function detectAdapter(url: string): AdapterType {\n if (url.startsWith('postgres://') || url.startsWith('postgresql://')) return 'postgres';\n if (url.startsWith('mysql://')) return 'mysql';\n if (url.startsWith('mssql://') || url.startsWith('sqlserver://')) return 'mssql';\n if (url.startsWith('clickhouse://')) return 'clickhouse';\n if (url.endsWith('.duckdb') || url.endsWith('.db') || url.startsWith('duckdb://')) return 'duckdb';\n if (url.endsWith('.sqlite') || url.endsWith('.sqlite3') || url.startsWith('sqlite://')) return 'sqlite';\n if (url.includes('snowflake')) return 'snowflake';\n if (url.includes('bigquery')) return 'bigquery';\n if (url.includes('databricks')) return 'databricks';\n\n throw new Error(`Cannot detect adapter from URL: ${url}. Please provide a recognizable connection string.`);\n}\n\n/**\n * Build a DataSourceConfig from a URL string and detected adapter type.\n */\nfunction buildConfig(url: string, adapterType: AdapterType) {\n switch (adapterType) {\n case 'postgres':\n case 'mysql':\n case 'mssql':\n return { adapter: adapterType, connection: url };\n case 'duckdb':\n return { adapter: 'duckdb' as const, path: url.replace(/^duckdb:\\/\\//, '') };\n case 'sqlite':\n return { adapter: 'sqlite' as const, path: url.replace(/^sqlite:\\/\\//, '') };\n default:\n // For other adapters, pass connection as a generic config\n return { adapter: adapterType, connection: url };\n }\n}\n\n/**\n * Create and configure the MCP server with all db tools registered.\n */\nexport function createDbServer(adapter: DataAdapter, adapterType: AdapterType): McpServer {\n const server = new McpServer({\n name: 'runcontext-db',\n version: '0.5.2',\n });\n\n // --- db_list_schemas ---\n server.tool(\n 'db_list_schemas',\n 'List all schemas (databases/namespaces) available in the connected database',\n {},\n async () => {\n const result = await listSchemas(adapter, adapterType);\n return {\n content: [{ type: 'text' as const, text: JSON.stringify(result, null, 2) }],\n };\n },\n );\n\n // --- db_list_tables ---\n server.tool(\n 'db_list_tables',\n 'List all tables and views with row counts, types, and schema information',\n {},\n async () => {\n const result = await listTables(adapter);\n return {\n content: [{ type: 'text' as const, text: JSON.stringify(result, null, 2) }],\n };\n },\n );\n\n // --- db_describe_table ---\n server.tool(\n 'db_describe_table',\n 'Describe a table\\'s columns including data types, nullability, and primary keys',\n {\n table: z.string().describe('Table name to describe (e.g. \"users\" or \"public.users\")'),\n },\n async ({ table }) => {\n const result = await describeTable(adapter, table);\n return {\n content: [{ type: 'text' as const, text: JSON.stringify(result, null, 2) }],\n };\n },\n );\n\n // --- db_sample_values ---\n server.tool(\n 'db_sample_values',\n 'Sample rows from a table (max 100 rows). Read-only, with automatic row limit guardrails.',\n {\n table: z.string().describe('Table name to sample from'),\n limit: z.number().int().min(1).max(100).optional().describe('Number of rows to return (default 100, max 100)'),\n },\n async ({ table, limit }) => {\n const result = await sampleValues(adapter, table, limit);\n return {\n content: [{ type: 'text' as const, text: JSON.stringify(result, null, 2) }],\n };\n },\n );\n\n // --- db_relationships ---\n server.tool(\n 'db_relationships',\n 'List foreign key relationships. Optionally filter by a specific table.',\n {\n table: z.string().optional().describe('Optional table name to filter relationships for'),\n },\n async ({ table }) => {\n const result = await listRelationships(adapter, adapterType, table);\n return {\n content: [{ type: 'text' as const, text: JSON.stringify(result, null, 2) }],\n };\n },\n );\n\n // --- db_query ---\n server.tool(\n 'db_query',\n 'Execute a read-only SQL query. Only SELECT statements are allowed. Automatically enforces row limits and timeouts.',\n {\n sql: z.string().describe('SQL query to execute (SELECT only)'),\n limit: z.number().int().min(1).max(1000).optional().describe('Maximum rows to return (default 100, max 1000)'),\n },\n async ({ sql, limit }) => {\n try {\n const result = await executeQuery(adapter, sql, limit);\n return {\n content: [{ type: 'text' as const, text: JSON.stringify(result, null, 2) }],\n };\n } catch (err) {\n const message = err instanceof Error ? err.message : String(err);\n return {\n content: [{ type: 'text' as const, text: JSON.stringify({ error: message }) }],\n isError: true,\n };\n }\n },\n );\n\n return server;\n}\n\n/**\n * Connect to the database, apply guardrails, and start the MCP server over stdio.\n */\nexport async function startServer(url: string): Promise<McpServer> {\n const adapterType = detectAdapter(url);\n const config = buildConfig(url, adapterType);\n const adapter = await createAdapter(config);\n\n // Connect to the database\n await adapter.connect();\n\n // Apply read-only guardrail\n const readOnlySql = enforceReadOnly(adapterType);\n if (readOnlySql) {\n try {\n await adapter.query(readOnlySql);\n } catch {\n // Some adapters may not support this; continue\n console.error(`Warning: Could not set read-only mode for ${adapterType}`);\n }\n }\n\n // Apply timeout guardrail\n const timeoutSql = applyTimeout(adapterType, DEFAULT_TIMEOUT_MS);\n if (timeoutSql) {\n try {\n await adapter.query(timeoutSql);\n } catch {\n console.error(`Warning: Could not set query timeout for ${adapterType}`);\n }\n }\n\n const server = createDbServer(adapter, adapterType);\n\n // Connect via stdio transport\n const transport = new StdioServerTransport();\n await server.connect(transport);\n\n // Cleanup on exit\n process.on('SIGINT', async () => {\n await adapter.disconnect();\n process.exit(0);\n });\n\n process.on('SIGTERM', async () => {\n await adapter.disconnect();\n process.exit(0);\n });\n\n return server;\n}\n","import type { AdapterType } from '@runcontext/core';\n\n/**\n * Returns SQL statement(s) to set the session to read-only mode for the given adapter.\n * Returns null if the adapter does not support session-level read-only enforcement.\n */\nexport function enforceReadOnly(adapter: AdapterType): string | null {\n switch (adapter) {\n case 'postgres':\n return 'SET default_transaction_read_only = ON';\n case 'mysql':\n return 'SET SESSION TRANSACTION READ ONLY';\n case 'duckdb':\n return null; // DuckDB: no session-level read-only SQL; use access_mode=read_only in connection config\n case 'mssql':\n return null; // MSSQL: no session-level read-only SQL; use db_query validation instead\n case 'snowflake':\n return null; // Snowflake uses role-based access; no session-level read-only SQL\n case 'bigquery':\n return null; // BigQuery is read-only for queries by default (no DML in standard SQL mode)\n case 'clickhouse':\n return 'SET readonly = 1';\n case 'databricks':\n return null; // Databricks uses role-based access control\n case 'sqlite':\n return 'PRAGMA query_only = ON';\n default:\n return null;\n }\n}\n\n/**\n * Wraps a SQL query with a LIMIT clause to cap the number of rows returned.\n * If the query already contains a LIMIT clause, replaces it with the lower value.\n */\nexport function applyRowLimit(query: string, limit: number): string {\n const trimmed = query.trim().replace(/;+\\s*$/, '');\n\n // Check if query already has a LIMIT clause (case-insensitive)\n const limitMatch = trimmed.match(/\\bLIMIT\\s+(\\d+)\\s*$/i);\n if (limitMatch) {\n const existingLimit = parseInt(limitMatch[1]!, 10);\n const effectiveLimit = Math.min(existingLimit, limit);\n return trimmed.replace(/\\bLIMIT\\s+\\d+\\s*$/i, `LIMIT ${effectiveLimit}`);\n }\n\n return `${trimmed}\\nLIMIT ${limit}`;\n}\n\n/**\n * Returns SQL statement to set query timeout for the given adapter.\n * Returns null if the adapter does not support statement-level timeouts via SQL.\n */\nexport function applyTimeout(adapter: AdapterType, ms: number): string | null {\n switch (adapter) {\n case 'postgres':\n return `SET statement_timeout = ${ms}`;\n case 'mysql':\n // MySQL MAX_EXECUTION_TIME is in milliseconds\n return `SET SESSION MAX_EXECUTION_TIME = ${ms}`;\n case 'duckdb':\n return null; // DuckDB doesn't support statement timeouts via SQL\n case 'mssql':\n return null; // MSSQL uses connection-level timeouts, not SQL\n case 'snowflake':\n return `ALTER SESSION SET STATEMENT_TIMEOUT_IN_SECONDS = ${Math.ceil(ms / 1000)}`;\n case 'bigquery':\n return null; // BigQuery uses API-level timeouts\n case 'clickhouse':\n return `SET max_execution_time = ${Math.ceil(ms / 1000)}`;\n case 'databricks':\n return null; // Databricks uses API-level timeouts\n case 'sqlite':\n return null; // SQLite uses API-level timeouts\n default:\n return null;\n }\n}\n\n/** Default row limit for sample queries. */\nexport const DEFAULT_ROW_LIMIT = 100;\n\n/** Maximum row limit for db_query tool. */\nexport const MAX_QUERY_ROW_LIMIT = 1000;\n\n/** Default query timeout in milliseconds. */\nexport const DEFAULT_TIMEOUT_MS = 30_000;\n\n// ---------------------------------------------------------------------------\n// SQL validation for db_query\n// ---------------------------------------------------------------------------\n\nexport interface SQLValidation {\n valid: boolean;\n reason?: string;\n}\n\n/** Disallowed statement prefixes (case-insensitive). */\nconst DDL_KEYWORDS = ['CREATE', 'DROP', 'ALTER', 'TRUNCATE', 'RENAME'];\nconst DML_KEYWORDS = ['INSERT', 'UPDATE', 'DELETE', 'MERGE', 'UPSERT'];\nconst ADMIN_KEYWORDS = [\n 'GRANT', 'REVOKE', 'CALL', 'EXEC', 'COPY', 'LOAD',\n 'VACUUM', 'BEGIN', 'COMMIT', 'ROLLBACK', 'LOCK', 'SET', 'RESET',\n];\nconst ALLOWED_KEYWORDS = ['SELECT', 'WITH', 'EXPLAIN', 'SHOW', 'DESCRIBE', 'VALUES'];\n\n/**\n * Validate that a SQL string is a read-only query safe for execution.\n * Returns `{ valid: true }` if allowed, or `{ valid: false, reason }` if rejected.\n */\nexport function validateReadOnlySQL(sql: string): SQLValidation {\n const trimmed = sql.trim();\n\n if (!trimmed) {\n return { valid: false, reason: 'Query is empty' };\n }\n\n // Reject multi-statement queries (semicolons not at the very end)\n const withoutTrailingSemicolon = trimmed.replace(/;+\\s*$/, '');\n if (withoutTrailingSemicolon.includes(';')) {\n return { valid: false, reason: 'Multi-statement queries are not allowed' };\n }\n\n // Extract the first keyword\n const firstWord = trimmed.split(/\\s+/)[0]!.toUpperCase();\n\n // Check against disallowed keywords\n const allDisallowed = [...DDL_KEYWORDS, ...DML_KEYWORDS, ...ADMIN_KEYWORDS];\n if (allDisallowed.includes(firstWord)) {\n return { valid: false, reason: `Statement type '${firstWord}' is not allowed. Only read-only queries are permitted.` };\n }\n\n // Check against allowed keywords\n if (!ALLOWED_KEYWORDS.includes(firstWord)) {\n return { valid: false, reason: `Statement type '${firstWord}' is not recognized as a read-only query` };\n }\n\n // If query starts with WITH (CTE), check all CTE bodies for mutating keywords.\n // This prevents bypass via e.g. WITH cte AS (DELETE FROM t RETURNING *) SELECT * FROM cte\n if (firstWord === 'WITH') {\n const allMutating = [...DDL_KEYWORDS, ...DML_KEYWORDS, ...ADMIN_KEYWORDS];\n const mutatingPattern = new RegExp(\n `\\\\b(${allMutating.join('|')})\\\\b`,\n 'i',\n );\n if (mutatingPattern.test(withoutTrailingSemicolon)) {\n return {\n valid: false,\n reason: 'CTE body contains a mutating statement. Only read-only queries are permitted.',\n };\n }\n }\n\n return { valid: true };\n}\n","import type { DataAdapter, AdapterType, TableInfo, ColumnInfo, QueryResult } from '@runcontext/core';\nimport { applyRowLimit, DEFAULT_ROW_LIMIT, validateReadOnlySQL, MAX_QUERY_ROW_LIMIT } from './guardrails.js';\n\n// ---------------------------------------------------------------------------\n// db_list_schemas\n// ---------------------------------------------------------------------------\n\nexport interface ListSchemasResult {\n schemas: string[];\n}\n\n/**\n * List all schemas in the database.\n * Falls back to adapter-specific queries when information_schema is unavailable.\n */\nexport async function listSchemas(\n adapter: DataAdapter,\n adapterType: AdapterType,\n): Promise<ListSchemasResult> {\n let sql: string;\n\n switch (adapterType) {\n case 'sqlite':\n case 'duckdb':\n sql = \"SELECT DISTINCT schema_name FROM information_schema.schemata ORDER BY schema_name\";\n break;\n case 'bigquery':\n sql = \"SELECT schema_name FROM INFORMATION_SCHEMA.SCHEMATA ORDER BY schema_name\";\n break;\n case 'databricks':\n sql = \"SHOW SCHEMAS\";\n break;\n default:\n // postgres, mysql, mssql, snowflake, clickhouse all support information_schema\n sql = \"SELECT schema_name FROM information_schema.schemata ORDER BY schema_name\";\n }\n\n try {\n const result = await adapter.query(sql);\n const schemas = result.rows.map((row) => {\n const firstCol = result.columns[0];\n return String(firstCol ? row[firstCol] : Object.values(row)[0]);\n });\n return { schemas };\n } catch {\n // Fallback: return empty if information_schema not available\n return { schemas: [] };\n }\n}\n\n// ---------------------------------------------------------------------------\n// db_list_tables\n// ---------------------------------------------------------------------------\n\nexport interface ListTablesResult {\n tables: TableInfo[];\n}\n\n/**\n * List all tables with metadata (row counts, types, schema).\n * Delegates to the adapter's listTables().\n */\nexport async function listTables(adapter: DataAdapter): Promise<ListTablesResult> {\n const tables = await adapter.listTables();\n return { tables };\n}\n\n// ---------------------------------------------------------------------------\n// db_describe_table\n// ---------------------------------------------------------------------------\n\nexport interface DescribeTableResult {\n table: string;\n columns: ColumnInfo[];\n}\n\n/**\n * Describe a table's columns including types, nullability, and primary keys.\n * Delegates to the adapter's listColumns().\n */\nexport async function describeTable(\n adapter: DataAdapter,\n table: string,\n): Promise<DescribeTableResult> {\n const columns = await adapter.listColumns(table);\n return { table, columns };\n}\n\n// ---------------------------------------------------------------------------\n// db_sample_values\n// ---------------------------------------------------------------------------\n\nexport interface SampleValuesResult {\n table: string;\n query: string;\n columns: string[];\n rows: Record<string, unknown>[];\n row_count: number;\n}\n\n/**\n * Sample rows from a table with guardrails applied.\n * Maximum of DEFAULT_ROW_LIMIT (100) rows.\n */\nexport async function sampleValues(\n adapter: DataAdapter,\n table: string,\n limit?: number,\n): Promise<SampleValuesResult> {\n const effectiveLimit = Math.min(limit ?? DEFAULT_ROW_LIMIT, DEFAULT_ROW_LIMIT);\n const sql = applyRowLimit(`SELECT * FROM ${quoteIdentifier(table)}`, effectiveLimit);\n const result = await adapter.query(sql);\n return {\n table,\n query: sql,\n columns: result.columns,\n rows: result.rows,\n row_count: result.row_count,\n };\n}\n\n// ---------------------------------------------------------------------------\n// db_relationships\n// ---------------------------------------------------------------------------\n\nexport interface Relationship {\n constraint_name: string;\n source_table: string;\n source_column: string;\n target_table: string;\n target_column: string;\n}\n\nexport interface RelationshipsResult {\n relationships: Relationship[];\n}\n\n/**\n * List foreign key relationships from information_schema.\n * Falls back to adapter-specific queries or empty results.\n */\nexport async function listRelationships(\n adapter: DataAdapter,\n adapterType: AdapterType,\n table?: string,\n): Promise<RelationshipsResult> {\n let sql: string;\n\n switch (adapterType) {\n case 'postgres':\n case 'mysql':\n case 'mssql':\n case 'snowflake': {\n const whereClause = table\n ? `AND kcu.table_name = '${escapeString(table)}'`\n : '';\n sql = `\n SELECT\n kcu.constraint_name,\n kcu.table_name AS source_table,\n kcu.column_name AS source_column,\n ccu.table_name AS target_table,\n ccu.column_name AS target_column\n FROM information_schema.key_column_usage kcu\n JOIN information_schema.constraint_column_usage ccu\n ON kcu.constraint_name = ccu.constraint_name\n JOIN information_schema.table_constraints tc\n ON kcu.constraint_name = tc.constraint_name\n WHERE tc.constraint_type = 'FOREIGN KEY'\n ${whereClause}\n ORDER BY kcu.constraint_name, kcu.ordinal_position\n `;\n break;\n }\n case 'sqlite': {\n if (!table) {\n // SQLite requires table-specific PRAGMA; list all tables then query each\n const tables = await adapter.listTables();\n const allRels: Relationship[] = [];\n for (const t of tables) {\n try {\n const result = await adapter.query(`PRAGMA foreign_key_list(\"${t.name.replace(/\"/g, '\"\"')}\")`);\n for (const row of result.rows) {\n allRels.push({\n constraint_name: `fk_${t.name}_${row['from']}`,\n source_table: t.name,\n source_column: String(row['from']),\n target_table: String(row['table']),\n target_column: String(row['to']),\n });\n }\n } catch {\n // skip tables without FK support\n }\n }\n return { relationships: allRels };\n }\n sql = `PRAGMA foreign_key_list(\"${table.replace(/\"/g, '\"\"')}\")`;\n try {\n const result = await adapter.query(sql);\n const relationships = result.rows.map((row) => ({\n constraint_name: `fk_${table}_${row['from']}`,\n source_table: table,\n source_column: String(row['from']),\n target_table: String(row['table']),\n target_column: String(row['to']),\n }));\n return { relationships };\n } catch {\n return { relationships: [] };\n }\n }\n case 'duckdb': {\n const whereClause = table\n ? `WHERE source_table = '${escapeString(table)}'`\n : '';\n sql = `\n SELECT\n constraint_name,\n source_table,\n source_column,\n target_table,\n target_column\n FROM (\n SELECT\n dc.constraint_name,\n dc.table_name AS source_table,\n unnest(dc.constraint_column_names) AS source_column,\n rc.table_name AS target_table,\n unnest(rc.constraint_column_names) AS target_column\n FROM duckdb_constraints() dc\n JOIN duckdb_constraints() rc\n ON dc.constraint_name IS NOT NULL\n AND dc.constraint_type = 'FOREIGN KEY'\n AND rc.constraint_type = 'PRIMARY KEY'\n ) sub\n ${whereClause}\n ORDER BY constraint_name\n `;\n break;\n }\n default:\n // bigquery, clickhouse, databricks generally don't enforce FKs\n return { relationships: [] };\n }\n\n try {\n const result = await adapter.query(sql);\n const relationships: Relationship[] = result.rows.map((row) => ({\n constraint_name: String(row['constraint_name'] ?? ''),\n source_table: String(row['source_table'] ?? ''),\n source_column: String(row['source_column'] ?? ''),\n target_table: String(row['target_table'] ?? ''),\n target_column: String(row['target_column'] ?? ''),\n }));\n return { relationships };\n } catch {\n return { relationships: [] };\n }\n}\n\n// ---------------------------------------------------------------------------\n// db_query\n// ---------------------------------------------------------------------------\n\nexport interface ExecuteQueryResult {\n query: string;\n columns: string[];\n rows: Record<string, unknown>[];\n row_count: number;\n truncated: boolean;\n}\n\n/**\n * Execute a read-only SQL query with guardrails.\n * Validates the query, applies row limits, and returns the results.\n */\nexport async function executeQuery(\n adapter: DataAdapter,\n sql: string,\n limit?: number,\n): Promise<ExecuteQueryResult> {\n const validation = validateReadOnlySQL(sql);\n if (!validation.valid) {\n throw new Error(validation.reason);\n }\n\n const effectiveLimit = Math.min(limit ?? DEFAULT_ROW_LIMIT, MAX_QUERY_ROW_LIMIT);\n const limitedSql = applyRowLimit(sql, effectiveLimit);\n const result = await adapter.query(limitedSql);\n\n return {\n query: limitedSql,\n columns: result.columns,\n rows: result.rows,\n row_count: result.row_count,\n truncated: result.row_count >= effectiveLimit,\n };\n}\n\n// ---------------------------------------------------------------------------\n// Helpers\n// ---------------------------------------------------------------------------\n\nfunction quoteIdentifier(name: string): string {\n // Simple quoting — handles most cases. Schema.table supported.\n if (name.includes('.')) {\n return name\n .split('.')\n .map((part) => `\"${part.replace(/\"/g, '\"\"')}\"`)\n .join('.');\n }\n return `\"${name.replace(/\"/g, '\"\"')}\"`;\n}\n\nfunction escapeString(value: string): string {\n return value.replace(/'/g, \"''\");\n}\n","#!/usr/bin/env node\n\nimport { startServer } from './server.js';\n\nconst args = process.argv.slice(2);\n\nfunction getArg(name: string): string | undefined {\n const idx = args.indexOf(name);\n if (idx !== -1 && idx + 1 < args.length) {\n return args[idx + 1];\n }\n // Also support --name=value format\n const prefix = `${name}=`;\n const match = args.find((a) => a.startsWith(prefix));\n return match?.slice(prefix.length);\n}\n\nconst url = getArg('--url');\nconst authKey = getArg('--auth');\n\nif (!url && !authKey) {\n console.error('Usage: runcontext-db --url <connection-string>');\n console.error(' runcontext-db --auth <provider:key>');\n console.error('');\n console.error('Examples:');\n console.error(' runcontext-db --url postgres://user:pass@localhost:5432/mydb');\n console.error(' runcontext-db --url mysql://user:pass@localhost:3306/mydb');\n console.error(' runcontext-db --url /path/to/database.duckdb');\n console.error(' runcontext-db --url /path/to/database.sqlite');\n console.error(' runcontext-db --auth neon:my-project');\n process.exit(1);\n}\n\nif (authKey) {\n import('@runcontext/core').then(async ({ createDefaultRegistry, CredentialStore, resolveAuthConnection }) => {\n const registry = createDefaultRegistry();\n const store = new CredentialStore();\n const resolvedUrl = await resolveAuthConnection(authKey, registry, store);\n return startServer(resolvedUrl);\n }).catch((err) => {\n console.error('Failed to resolve auth credentials:', err);\n process.exit(1);\n });\n} else {\n startServer(url!).catch((err) => {\n console.error('Failed to start runcontext-db server:', err);\n process.exit(1);\n });\n}\n"],"mappings":";;;;AAAA,SAAS,iBAAiB;AAC1B,SAAS,4BAA4B;AACrC,SAAS,SAAS;AAElB,SAAS,qBAAqB;;;ACEvB,SAAS,gBAAgB,SAAqC;AACnE,UAAQ,SAAS;AAAA,IACf,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA;AAAA,IACT,KAAK;AACH,aAAO;AAAA;AAAA,IACT,KAAK;AACH,aAAO;AAAA;AAAA,IACT,KAAK;AACH,aAAO;AAAA;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT,KAAK;AACH,aAAO;AAAA;AAAA,IACT,KAAK;AACH,aAAO;AAAA,IACT;AACE,aAAO;AAAA,EACX;AACF;AAMO,SAAS,cAAc,OAAe,OAAuB;AAClE,QAAM,UAAU,MAAM,KAAK,EAAE,QAAQ,UAAU,EAAE;AAGjD,QAAM,aAAa,QAAQ,MAAM,sBAAsB;AACvD,MAAI,YAAY;AACd,UAAM,gBAAgB,SAAS,WAAW,CAAC,GAAI,EAAE;AACjD,UAAM,iBAAiB,KAAK,IAAI,eAAe,KAAK;AACpD,WAAO,QAAQ,QAAQ,sBAAsB,SAAS,cAAc,EAAE;AAAA,EACxE;AAEA,SAAO,GAAG,OAAO;AAAA,QAAW,KAAK;AACnC;AAMO,SAAS,aAAa,SAAsB,IAA2B;AAC5E,UAAQ,SAAS;AAAA,IACf,KAAK;AACH,aAAO,2BAA2B,EAAE;AAAA,IACtC,KAAK;AAEH,aAAO,oCAAoC,EAAE;AAAA,IAC/C,KAAK;AACH,aAAO;AAAA;AAAA,IACT,KAAK;AACH,aAAO;AAAA;AAAA,IACT,KAAK;AACH,aAAO,oDAAoD,KAAK,KAAK,KAAK,GAAI,CAAC;AAAA,IACjF,KAAK;AACH,aAAO;AAAA;AAAA,IACT,KAAK;AACH,aAAO,4BAA4B,KAAK,KAAK,KAAK,GAAI,CAAC;AAAA,IACzD,KAAK;AACH,aAAO;AAAA;AAAA,IACT,KAAK;AACH,aAAO;AAAA;AAAA,IACT;AACE,aAAO;AAAA,EACX;AACF;AAGO,IAAM,oBAAoB;AAG1B,IAAM,sBAAsB;AAG5B,IAAM,qBAAqB;AAYlC,IAAM,eAAe,CAAC,UAAU,QAAQ,SAAS,YAAY,QAAQ;AACrE,IAAM,eAAe,CAAC,UAAU,UAAU,UAAU,SAAS,QAAQ;AACrE,IAAM,iBAAiB;AAAA,EACrB;AAAA,EAAS;AAAA,EAAU;AAAA,EAAQ;AAAA,EAAQ;AAAA,EAAQ;AAAA,EAC3C;AAAA,EAAU;AAAA,EAAS;AAAA,EAAU;AAAA,EAAY;AAAA,EAAQ;AAAA,EAAO;AAC1D;AACA,IAAM,mBAAmB,CAAC,UAAU,QAAQ,WAAW,QAAQ,YAAY,QAAQ;AAM5E,SAAS,oBAAoB,KAA4B;AAC9D,QAAM,UAAU,IAAI,KAAK;AAEzB,MAAI,CAAC,SAAS;AACZ,WAAO,EAAE,OAAO,OAAO,QAAQ,iBAAiB;AAAA,EAClD;AAGA,QAAM,2BAA2B,QAAQ,QAAQ,UAAU,EAAE;AAC7D,MAAI,yBAAyB,SAAS,GAAG,GAAG;AAC1C,WAAO,EAAE,OAAO,OAAO,QAAQ,0CAA0C;AAAA,EAC3E;AAGA,QAAM,YAAY,QAAQ,MAAM,KAAK,EAAE,CAAC,EAAG,YAAY;AAGvD,QAAM,gBAAgB,CAAC,GAAG,cAAc,GAAG,cAAc,GAAG,cAAc;AAC1E,MAAI,cAAc,SAAS,SAAS,GAAG;AACrC,WAAO,EAAE,OAAO,OAAO,QAAQ,mBAAmB,SAAS,0DAA0D;AAAA,EACvH;AAGA,MAAI,CAAC,iBAAiB,SAAS,SAAS,GAAG;AACzC,WAAO,EAAE,OAAO,OAAO,QAAQ,mBAAmB,SAAS,2CAA2C;AAAA,EACxG;AAIA,MAAI,cAAc,QAAQ;AACxB,UAAM,cAAc,CAAC,GAAG,cAAc,GAAG,cAAc,GAAG,cAAc;AACxE,UAAM,kBAAkB,IAAI;AAAA,MAC1B,OAAO,YAAY,KAAK,GAAG,CAAC;AAAA,MAC5B;AAAA,IACF;AACA,QAAI,gBAAgB,KAAK,wBAAwB,GAAG;AAClD,aAAO;AAAA,QACL,OAAO;AAAA,QACP,QAAQ;AAAA,MACV;AAAA,IACF;AAAA,EACF;AAEA,SAAO,EAAE,OAAO,KAAK;AACvB;;;AC3IA,eAAsB,YACpB,SACA,aAC4B;AAC5B,MAAI;AAEJ,UAAQ,aAAa;AAAA,IACnB,KAAK;AAAA,IACL,KAAK;AACH,YAAM;AACN;AAAA,IACF,KAAK;AACH,YAAM;AACN;AAAA,IACF,KAAK;AACH,YAAM;AACN;AAAA,IACF;AAEE,YAAM;AAAA,EACV;AAEA,MAAI;AACF,UAAM,SAAS,MAAM,QAAQ,MAAM,GAAG;AACtC,UAAM,UAAU,OAAO,KAAK,IAAI,CAAC,QAAQ;AACvC,YAAM,WAAW,OAAO,QAAQ,CAAC;AACjC,aAAO,OAAO,WAAW,IAAI,QAAQ,IAAI,OAAO,OAAO,GAAG,EAAE,CAAC,CAAC;AAAA,IAChE,CAAC;AACD,WAAO,EAAE,QAAQ;AAAA,EACnB,QAAQ;AAEN,WAAO,EAAE,SAAS,CAAC,EAAE;AAAA,EACvB;AACF;AAcA,eAAsB,WAAW,SAAiD;AAChF,QAAM,SAAS,MAAM,QAAQ,WAAW;AACxC,SAAO,EAAE,OAAO;AAClB;AAeA,eAAsB,cACpB,SACA,OAC8B;AAC9B,QAAM,UAAU,MAAM,QAAQ,YAAY,KAAK;AAC/C,SAAO,EAAE,OAAO,QAAQ;AAC1B;AAkBA,eAAsB,aACpB,SACA,OACA,OAC6B;AAC7B,QAAM,iBAAiB,KAAK,IAAI,SAAS,mBAAmB,iBAAiB;AAC7E,QAAM,MAAM,cAAc,iBAAiB,gBAAgB,KAAK,CAAC,IAAI,cAAc;AACnF,QAAM,SAAS,MAAM,QAAQ,MAAM,GAAG;AACtC,SAAO;AAAA,IACL;AAAA,IACA,OAAO;AAAA,IACP,SAAS,OAAO;AAAA,IAChB,MAAM,OAAO;AAAA,IACb,WAAW,OAAO;AAAA,EACpB;AACF;AAsBA,eAAsB,kBACpB,SACA,aACA,OAC8B;AAC9B,MAAI;AAEJ,UAAQ,aAAa;AAAA,IACnB,KAAK;AAAA,IACL,KAAK;AAAA,IACL,KAAK;AAAA,IACL,KAAK,aAAa;AAChB,YAAM,cAAc,QAChB,yBAAyB,aAAa,KAAK,CAAC,MAC5C;AACJ,YAAM;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,UAaF,WAAW;AAAA;AAAA;AAGf;AAAA,IACF;AAAA,IACA,KAAK,UAAU;AACb,UAAI,CAAC,OAAO;AAEV,cAAM,SAAS,MAAM,QAAQ,WAAW;AACxC,cAAM,UAA0B,CAAC;AACjC,mBAAW,KAAK,QAAQ;AACtB,cAAI;AACF,kBAAM,SAAS,MAAM,QAAQ,MAAM,4BAA4B,EAAE,KAAK,QAAQ,MAAM,IAAI,CAAC,IAAI;AAC7F,uBAAW,OAAO,OAAO,MAAM;AAC7B,sBAAQ,KAAK;AAAA,gBACX,iBAAiB,MAAM,EAAE,IAAI,IAAI,IAAI,MAAM,CAAC;AAAA,gBAC5C,cAAc,EAAE;AAAA,gBAChB,eAAe,OAAO,IAAI,MAAM,CAAC;AAAA,gBACjC,cAAc,OAAO,IAAI,OAAO,CAAC;AAAA,gBACjC,eAAe,OAAO,IAAI,IAAI,CAAC;AAAA,cACjC,CAAC;AAAA,YACH;AAAA,UACF,QAAQ;AAAA,UAER;AAAA,QACF;AACA,eAAO,EAAE,eAAe,QAAQ;AAAA,MAClC;AACA,YAAM,4BAA4B,MAAM,QAAQ,MAAM,IAAI,CAAC;AAC3D,UAAI;AACF,cAAM,SAAS,MAAM,QAAQ,MAAM,GAAG;AACtC,cAAM,gBAAgB,OAAO,KAAK,IAAI,CAAC,SAAS;AAAA,UAC9C,iBAAiB,MAAM,KAAK,IAAI,IAAI,MAAM,CAAC;AAAA,UAC3C,cAAc;AAAA,UACd,eAAe,OAAO,IAAI,MAAM,CAAC;AAAA,UACjC,cAAc,OAAO,IAAI,OAAO,CAAC;AAAA,UACjC,eAAe,OAAO,IAAI,IAAI,CAAC;AAAA,QACjC,EAAE;AACF,eAAO,EAAE,cAAc;AAAA,MACzB,QAAQ;AACN,eAAO,EAAE,eAAe,CAAC,EAAE;AAAA,MAC7B;AAAA,IACF;AAAA,IACA,KAAK,UAAU;AACb,YAAM,cAAc,QAChB,yBAAyB,aAAa,KAAK,CAAC,MAC5C;AACJ,YAAM;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,UAoBF,WAAW;AAAA;AAAA;AAGf;AAAA,IACF;AAAA,IACA;AAEE,aAAO,EAAE,eAAe,CAAC,EAAE;AAAA,EAC/B;AAEA,MAAI;AACF,UAAM,SAAS,MAAM,QAAQ,MAAM,GAAG;AACtC,UAAM,gBAAgC,OAAO,KAAK,IAAI,CAAC,SAAS;AAAA,MAC9D,iBAAiB,OAAO,IAAI,iBAAiB,KAAK,EAAE;AAAA,MACpD,cAAc,OAAO,IAAI,cAAc,KAAK,EAAE;AAAA,MAC9C,eAAe,OAAO,IAAI,eAAe,KAAK,EAAE;AAAA,MAChD,cAAc,OAAO,IAAI,cAAc,KAAK,EAAE;AAAA,MAC9C,eAAe,OAAO,IAAI,eAAe,KAAK,EAAE;AAAA,IAClD,EAAE;AACF,WAAO,EAAE,cAAc;AAAA,EACzB,QAAQ;AACN,WAAO,EAAE,eAAe,CAAC,EAAE;AAAA,EAC7B;AACF;AAkBA,eAAsB,aACpB,SACA,KACA,OAC6B;AAC7B,QAAM,aAAa,oBAAoB,GAAG;AAC1C,MAAI,CAAC,WAAW,OAAO;AACrB,UAAM,IAAI,MAAM,WAAW,MAAM;AAAA,EACnC;AAEA,QAAM,iBAAiB,KAAK,IAAI,SAAS,mBAAmB,mBAAmB;AAC/E,QAAM,aAAa,cAAc,KAAK,cAAc;AACpD,QAAM,SAAS,MAAM,QAAQ,MAAM,UAAU;AAE7C,SAAO;AAAA,IACL,OAAO;AAAA,IACP,SAAS,OAAO;AAAA,IAChB,MAAM,OAAO;AAAA,IACb,WAAW,OAAO;AAAA,IAClB,WAAW,OAAO,aAAa;AAAA,EACjC;AACF;AAMA,SAAS,gBAAgB,MAAsB;AAE7C,MAAI,KAAK,SAAS,GAAG,GAAG;AACtB,WAAO,KACJ,MAAM,GAAG,EACT,IAAI,CAAC,SAAS,IAAI,KAAK,QAAQ,MAAM,IAAI,CAAC,GAAG,EAC7C,KAAK,GAAG;AAAA,EACb;AACA,SAAO,IAAI,KAAK,QAAQ,MAAM,IAAI,CAAC;AACrC;AAEA,SAAS,aAAa,OAAuB;AAC3C,SAAO,MAAM,QAAQ,MAAM,IAAI;AACjC;;;AFjTO,SAAS,cAAcA,MAA0B;AACtD,MAAIA,KAAI,WAAW,aAAa,KAAKA,KAAI,WAAW,eAAe,EAAG,QAAO;AAC7E,MAAIA,KAAI,WAAW,UAAU,EAAG,QAAO;AACvC,MAAIA,KAAI,WAAW,UAAU,KAAKA,KAAI,WAAW,cAAc,EAAG,QAAO;AACzE,MAAIA,KAAI,WAAW,eAAe,EAAG,QAAO;AAC5C,MAAIA,KAAI,SAAS,SAAS,KAAKA,KAAI,SAAS,KAAK,KAAKA,KAAI,WAAW,WAAW,EAAG,QAAO;AAC1F,MAAIA,KAAI,SAAS,SAAS,KAAKA,KAAI,SAAS,UAAU,KAAKA,KAAI,WAAW,WAAW,EAAG,QAAO;AAC/F,MAAIA,KAAI,SAAS,WAAW,EAAG,QAAO;AACtC,MAAIA,KAAI,SAAS,UAAU,EAAG,QAAO;AACrC,MAAIA,KAAI,SAAS,YAAY,EAAG,QAAO;AAEvC,QAAM,IAAI,MAAM,mCAAmCA,IAAG,oDAAoD;AAC5G;AAKA,SAAS,YAAYA,MAAa,aAA0B;AAC1D,UAAQ,aAAa;AAAA,IACnB,KAAK;AAAA,IACL,KAAK;AAAA,IACL,KAAK;AACH,aAAO,EAAE,SAAS,aAAa,YAAYA,KAAI;AAAA,IACjD,KAAK;AACH,aAAO,EAAE,SAAS,UAAmB,MAAMA,KAAI,QAAQ,gBAAgB,EAAE,EAAE;AAAA,IAC7E,KAAK;AACH,aAAO,EAAE,SAAS,UAAmB,MAAMA,KAAI,QAAQ,gBAAgB,EAAE,EAAE;AAAA,IAC7E;AAEE,aAAO,EAAE,SAAS,aAAa,YAAYA,KAAI;AAAA,EACnD;AACF;AAKO,SAAS,eAAe,SAAsB,aAAqC;AACxF,QAAM,SAAS,IAAI,UAAU;AAAA,IAC3B,MAAM;AAAA,IACN,SAAS;AAAA,EACX,CAAC;AAGD,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA,CAAC;AAAA,IACD,YAAY;AACV,YAAM,SAAS,MAAM,YAAY,SAAS,WAAW;AACrD,aAAO;AAAA,QACL,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,KAAK,UAAU,QAAQ,MAAM,CAAC,EAAE,CAAC;AAAA,MAC5E;AAAA,IACF;AAAA,EACF;AAGA,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA,CAAC;AAAA,IACD,YAAY;AACV,YAAM,SAAS,MAAM,WAAW,OAAO;AACvC,aAAO;AAAA,QACL,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,KAAK,UAAU,QAAQ,MAAM,CAAC,EAAE,CAAC;AAAA,MAC5E;AAAA,IACF;AAAA,EACF;AAGA,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,MACE,OAAO,EAAE,OAAO,EAAE,SAAS,yDAAyD;AAAA,IACtF;AAAA,IACA,OAAO,EAAE,MAAM,MAAM;AACnB,YAAM,SAAS,MAAM,cAAc,SAAS,KAAK;AACjD,aAAO;AAAA,QACL,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,KAAK,UAAU,QAAQ,MAAM,CAAC,EAAE,CAAC;AAAA,MAC5E;AAAA,IACF;AAAA,EACF;AAGA,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,MACE,OAAO,EAAE,OAAO,EAAE,SAAS,2BAA2B;AAAA,MACtD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,IAAI,GAAG,EAAE,SAAS,EAAE,SAAS,iDAAiD;AAAA,IAC/G;AAAA,IACA,OAAO,EAAE,OAAO,MAAM,MAAM;AAC1B,YAAM,SAAS,MAAM,aAAa,SAAS,OAAO,KAAK;AACvD,aAAO;AAAA,QACL,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,KAAK,UAAU,QAAQ,MAAM,CAAC,EAAE,CAAC;AAAA,MAC5E;AAAA,IACF;AAAA,EACF;AAGA,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,MACE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,iDAAiD;AAAA,IACzF;AAAA,IACA,OAAO,EAAE,MAAM,MAAM;AACnB,YAAM,SAAS,MAAM,kBAAkB,SAAS,aAAa,KAAK;AAClE,aAAO;AAAA,QACL,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,KAAK,UAAU,QAAQ,MAAM,CAAC,EAAE,CAAC;AAAA,MAC5E;AAAA,IACF;AAAA,EACF;AAGA,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,MACE,KAAK,EAAE,OAAO,EAAE,SAAS,oCAAoC;AAAA,MAC7D,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,IAAI,GAAI,EAAE,SAAS,EAAE,SAAS,gDAAgD;AAAA,IAC/G;AAAA,IACA,OAAO,EAAE,KAAK,MAAM,MAAM;AACxB,UAAI;AACF,cAAM,SAAS,MAAM,aAAa,SAAS,KAAK,KAAK;AACrD,eAAO;AAAA,UACL,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,KAAK,UAAU,QAAQ,MAAM,CAAC,EAAE,CAAC;AAAA,QAC5E;AAAA,MACF,SAAS,KAAK;AACZ,cAAM,UAAU,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAC/D,eAAO;AAAA,UACL,SAAS,CAAC,EAAE,MAAM,QAAiB,MAAM,KAAK,UAAU,EAAE,OAAO,QAAQ,CAAC,EAAE,CAAC;AAAA,UAC7E,SAAS;AAAA,QACX;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAEA,SAAO;AACT;AAKA,eAAsB,YAAYA,MAAiC;AACjE,QAAM,cAAc,cAAcA,IAAG;AACrC,QAAM,SAAS,YAAYA,MAAK,WAAW;AAC3C,QAAM,UAAU,MAAM,cAAc,MAAM;AAG1C,QAAM,QAAQ,QAAQ;AAGtB,QAAM,cAAc,gBAAgB,WAAW;AAC/C,MAAI,aAAa;AACf,QAAI;AACF,YAAM,QAAQ,MAAM,WAAW;AAAA,IACjC,QAAQ;AAEN,cAAQ,MAAM,6CAA6C,WAAW,EAAE;AAAA,IAC1E;AAAA,EACF;AAGA,QAAM,aAAa,aAAa,aAAa,kBAAkB;AAC/D,MAAI,YAAY;AACd,QAAI;AACF,YAAM,QAAQ,MAAM,UAAU;AAAA,IAChC,QAAQ;AACN,cAAQ,MAAM,4CAA4C,WAAW,EAAE;AAAA,IACzE;AAAA,EACF;AAEA,QAAM,SAAS,eAAe,SAAS,WAAW;AAGlD,QAAM,YAAY,IAAI,qBAAqB;AAC3C,QAAM,OAAO,QAAQ,SAAS;AAG9B,UAAQ,GAAG,UAAU,YAAY;AAC/B,UAAM,QAAQ,WAAW;AACzB,YAAQ,KAAK,CAAC;AAAA,EAChB,CAAC;AAED,UAAQ,GAAG,WAAW,YAAY;AAChC,UAAM,QAAQ,WAAW;AACzB,YAAQ,KAAK,CAAC;AAAA,EAChB,CAAC;AAED,SAAO;AACT;;;AGvMA,IAAM,OAAO,QAAQ,KAAK,MAAM,CAAC;AAEjC,SAAS,OAAO,MAAkC;AAChD,QAAM,MAAM,KAAK,QAAQ,IAAI;AAC7B,MAAI,QAAQ,MAAM,MAAM,IAAI,KAAK,QAAQ;AACvC,WAAO,KAAK,MAAM,CAAC;AAAA,EACrB;AAEA,QAAM,SAAS,GAAG,IAAI;AACtB,QAAM,QAAQ,KAAK,KAAK,CAAC,MAAM,EAAE,WAAW,MAAM,CAAC;AACnD,SAAO,OAAO,MAAM,OAAO,MAAM;AACnC;AAEA,IAAM,MAAM,OAAO,OAAO;AAC1B,IAAM,UAAU,OAAO,QAAQ;AAE/B,IAAI,CAAC,OAAO,CAAC,SAAS;AACpB,UAAQ,MAAM,gDAAgD;AAC9D,UAAQ,MAAM,4CAA4C;AAC1D,UAAQ,MAAM,EAAE;AAChB,UAAQ,MAAM,WAAW;AACzB,UAAQ,MAAM,gEAAgE;AAC9E,UAAQ,MAAM,6DAA6D;AAC3E,UAAQ,MAAM,gDAAgD;AAC9D,UAAQ,MAAM,gDAAgD;AAC9D,UAAQ,MAAM,wCAAwC;AACtD,UAAQ,KAAK,CAAC;AAChB;AAEA,IAAI,SAAS;AACX,SAAO,kBAAkB,EAAE,KAAK,OAAO,EAAE,uBAAuB,iBAAiB,sBAAsB,MAAM;AAC3G,UAAM,WAAW,sBAAsB;AACvC,UAAM,QAAQ,IAAI,gBAAgB;AAClC,UAAM,cAAc,MAAM,sBAAsB,SAAS,UAAU,KAAK;AACxE,WAAO,YAAY,WAAW;AAAA,EAChC,CAAC,EAAE,MAAM,CAAC,QAAQ;AAChB,YAAQ,MAAM,uCAAuC,GAAG;AACxD,YAAQ,KAAK,CAAC;AAAA,EAChB,CAAC;AACH,OAAO;AACL,cAAY,GAAI,EAAE,MAAM,CAAC,QAAQ;AAC/B,YAAQ,MAAM,yCAAyC,GAAG;AAC1D,YAAQ,KAAK,CAAC;AAAA,EAChB,CAAC;AACH;","names":["url"]}

package/package.json ADDED Viewed

@@ -0,0 +1,54 @@
+{
+  "name": "@runcontext/db",
+  "version": "0.5.3",
+  "description": "Read-only, guardrailed database connector MCP server. Connect any database to AI agents with automatic safety constraints.",
+  "license": "MIT",
+  "author": "Eric Kittelson",
+  "homepage": "https://github.com/RunContext/runcontext",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/RunContext/runcontext.git",
+    "directory": "packages/db"
+  },
+  "bugs": "https://github.com/RunContext/runcontext/issues",
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "keywords": [
+    "mcp",
+    "model-context-protocol",
+    "database",
+    "read-only",
+    "guardrails",
+    "ai-agent",
+    "runcontext",
+    "claude-code",
+    "cursor",
+    "copilot",
+    "data-connector"
+  ],
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "bin": {
+    "runcontext-db": "./dist/index.js"
+  },
+  "files": [
+    "dist"
+  ],
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.12.0",
+    "zod": "^3.24.0",
+    "@runcontext/core": "^0.5.3"
+  },
+  "devDependencies": {
+    "@types/node": "^25.3.3",
+    "tsup": "^8.4.0",
+    "typescript": "^5.7.0",
+    "vitest": "^3.2.0"
+  },
+  "scripts": {
+    "build": "tsup",
+    "clean": "rm -rf dist"
+  }
+}