@skillsmith/mcp-server 0.2.3 → 0.3.1

package/dist/src/middleware/csp.d.ts

@@ -1,103 +0,0 @@
-/**
- * Content Security Policy middleware and utilities for MCP server
- *
- * While the MCP server currently uses stdio transport, these utilities
- * provide CSP support for potential HTTP transport scenarios.
- */
-/**
- * CSP directive types
- */
-export interface CspDirectives {
-    'default-src'?: string[];
-    'script-src'?: string[];
-    'style-src'?: string[];
-    'img-src'?: string[];
-    'font-src'?: string[];
-    'connect-src'?: string[];
-    'media-src'?: string[];
-    'object-src'?: string[];
-    'frame-src'?: string[];
-    'worker-src'?: string[];
-    'form-action'?: string[];
-    'frame-ancestors'?: string[];
-    'base-uri'?: string[];
-    'manifest-src'?: string[];
-    sandbox?: string[];
-    'report-uri'?: string[];
-    'report-to'?: string;
-    'require-trusted-types-for'?: string[];
-    'upgrade-insecure-requests'?: boolean;
-    'block-all-mixed-content'?: boolean;
-}
-/**
- * CSP validation result with details
- */
-export interface CspValidationResult {
-    valid: boolean;
-    warnings: string[];
-    errors: string[];
-}
-/**
- * HTTP request interface for CSP middleware
- * Minimal interface for HTTP request objects
- */
-export interface CspHttpRequest {
-    headers?: Record<string, string | string[] | undefined>;
-    url?: string;
-}
-/**
- * HTTP response interface for CSP middleware
- * Minimal interface for HTTP response objects with CSP-related methods
- */
-export interface CspHttpResponse {
-    setHeader: (name: string, value: string) => void;
-    locals?: Record<string, unknown>;
-}
-/**
- * Default CSP directives for MCP server
- */
-export declare const DEFAULT_CSP_DIRECTIVES: CspDirectives;
-/**
- * Strict CSP directives for maximum security
- */
-export declare const STRICT_CSP_DIRECTIVES: CspDirectives;
-/**
- * Generates a cryptographically secure nonce for CSP
- * @returns A 32-character base64 nonce
- */
-export declare function generateNonce(): string;
-/**
- * Converts CSP directives object to a CSP header string
- * @param directives - The CSP directives to convert
- * @param nonce - Optional nonce to add to script-src and style-src
- * @returns The CSP header value
- */
-export declare function buildCspHeader(directives: CspDirectives, nonce?: string): string;
-/**
- * Validates a CSP header string
- * @param csp - The CSP header string to validate
- * @returns true if valid, false otherwise
- */
-export declare function validateCspHeader(csp: string): boolean;
-/**
- * Validates a CSP header string with detailed results
- * @param csp - The CSP header string to validate
- * @returns Detailed validation result with warnings and errors
- */
-export declare function validateCspHeaderDetailed(csp: string): CspValidationResult;
-/**
- * HTTP middleware function for adding CSP headers
- * This can be used if the MCP server adds HTTP transport in the future
- */
-export declare function cspMiddleware(directives?: CspDirectives): (_req: CspHttpRequest, res: CspHttpResponse, next: () => void) => void;
-/**
- * Gets CSP configuration for different environments
- *
- * NOTE: Test environment uses relaxed CSP for testing purposes.
- * Production code should always use STRICT_CSP_DIRECTIVES.
- *
- * @param env - The environment (development, production, test)
- * @returns The appropriate CSP directives
- */
-export declare function getCspForEnvironment(env?: string): CspDirectives;
-//# sourceMappingURL=csp.d.ts.map

package/dist/src/middleware/csp.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"csp.d.ts","sourceRoot":"","sources":["../../../src/middleware/csp.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;IACxB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAA;IACvB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAA;IACtB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;IACpB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;IACrB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;IACxB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAA;IACtB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAA;IACvB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAA;IACtB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAA;IACvB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;IACxB,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAA;IAC5B,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;IACrB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IACzB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;IAClB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAA;IACvB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,2BAA2B,CAAC,EAAE,MAAM,EAAE,CAAA;IACtC,2BAA2B,CAAC,EAAE,OAAO,CAAA;IACrC,yBAAyB,CAAC,EAAE,OAAO,CAAA;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,KAAK,EAAE,OAAO,CAAA;IACd,QAAQ,EAAE,MAAM,EAAE,CAAA;IAClB,MAAM,EAAE,MAAM,EAAE,CAAA;CACjB;AAED;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC,CAAA;IACvD,GAAG,CAAC,EAAE,MAAM,CAAA;CACb;AAED;;;GAGG;AACH,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,KAAK,IAAI,CAAA;IAChD,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CACjC;AAED;;GAEG;AACH,eAAO,MAAM,sBAAsB,EAAE,aAgBpC,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,qBAAqB,EAAE,aAkBnC,CAAA;AAED;;;GAGG;AACH,wBAAgB,aAAa,IAAI,MAAM,CAGtC;AAaD;;;;;GAKG;AACH,wBAAgB,cAAc,CAAC,UAAU,EAAE,aAAa,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM,CA+BhF;AAED;;;;GAIG;AACH,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAGtD;AA6BD;;;;GAIG;AACH,wBAAgB,yBAAyB,CAAC,GAAG,EAAE,MAAM,GAAG,mBAAmB,CAiG1E;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAAC,UAAU,GAAE,aAAsC,IACtE,MAAM,cAAc,EAAE,KAAK,eAAe,EAAE,MAAM,MAAM,IAAI,KAAG,IAAI,CAe5E;AAED;;;;;;;;GAQG;AACH,wBAAgB,oBAAoB,CAAC,GAAG,GAAE,MAAqB,GAAG,aAAa,CA2B9E"}

package/dist/src/middleware/csp.js

@@ -1,273 +0,0 @@
-/**
- * Content Security Policy middleware and utilities for MCP server
- *
- * While the MCP server currently uses stdio transport, these utilities
- * provide CSP support for potential HTTP transport scenarios.
- */
-import { randomBytes } from 'node:crypto';
-/**
- * Default CSP directives for MCP server
- */
-export const DEFAULT_CSP_DIRECTIVES = {
-    'default-src': ["'self'"],
-    'script-src': ["'self'"],
-    'style-src': ["'self'"],
-    'img-src': ["'self'", 'data:', 'https:'],
-    'font-src': ["'self'"],
-    'connect-src': ["'self'"],
-    'media-src': ["'self'"],
-    'object-src': ["'none'"],
-    'frame-src': ["'none'"],
-    'worker-src': ["'self'"],
-    'form-action': ["'self'"],
-    'frame-ancestors': ["'none'"],
-    'base-uri': ["'self'"],
-    'upgrade-insecure-requests': true,
-    'block-all-mixed-content': true,
-};
-/**
- * Strict CSP directives for maximum security
- */
-export const STRICT_CSP_DIRECTIVES = {
-    'default-src': ["'none'"],
-    'script-src': ["'self'"],
-    'style-src': ["'self'"],
-    'img-src': ["'self'", 'data:'],
-    'font-src': ["'self'"],
-    'connect-src': ["'self'"],
-    'media-src': ["'none'"],
-    'object-src': ["'none'"],
-    'frame-src': ["'none'"],
-    'worker-src': ["'none'"],
-    'form-action': ["'none'"],
-    'frame-ancestors': ["'none'"],
-    'base-uri': ["'none'"],
-    'manifest-src': ["'self'"],
-    'require-trusted-types-for': ["'script'"],
-    'upgrade-insecure-requests': true,
-    'block-all-mixed-content': true,
-};
-/**
- * Generates a cryptographically secure nonce for CSP
- * @returns A 32-character base64 nonce
- */
-export function generateNonce() {
-    // Use Node.js crypto.randomBytes for cryptographically secure random bytes
-    return randomBytes(16).toString('base64');
-}
-/**
- * Sanitize a CSP source value to prevent directive injection
- * @param source - The source value to sanitize
- * @returns Sanitized source value
- */
-function sanitizeCspSource(source) {
-    // Remove characters that could be used for injection
-    // CSP sources should not contain ; (directive separator) or newlines
-    return source.replace(/[;\r\n]/g, '');
-}
-/**
- * Converts CSP directives object to a CSP header string
- * @param directives - The CSP directives to convert
- * @param nonce - Optional nonce to add to script-src and style-src
- * @returns The CSP header value
- */
-export function buildCspHeader(directives, nonce) {
-    const parts = [];
-    for (const [directive, value] of Object.entries(directives)) {
-        // Sanitize directive name (should be alphanumeric with hyphens only)
-        const sanitizedDirective = directive.replace(/[^a-zA-Z0-9-]/g, '');
-        if (typeof value === 'boolean') {
-            if (value) {
-                parts.push(sanitizedDirective);
-            }
-        }
-        else if (typeof value === 'string') {
-            // Handle string directives like report-to
-            const sanitizedValue = sanitizeCspSource(value);
-            parts.push(`${sanitizedDirective} ${sanitizedValue}`);
-        }
-        else if (Array.isArray(value)) {
-            const sources = value.map(sanitizeCspSource);
-            // Add nonce to script-src and style-src if provided
-            if (nonce && (directive === 'script-src' || directive === 'style-src')) {
-                // Validate nonce format (base64)
-                if (/^[A-Za-z0-9+/=]+$/.test(nonce)) {
-                    sources.push(`'nonce-${nonce}'`);
-                }
-            }
-            parts.push(`${sanitizedDirective} ${sources.join(' ')}`);
-        }
-    }
-    return parts.join('; ');
-}
-/**
- * Validates a CSP header string
- * @param csp - The CSP header string to validate
- * @returns true if valid, false otherwise
- */
-export function validateCspHeader(csp) {
-    const result = validateCspHeaderDetailed(csp);
-    return result.valid;
-}
-/**
- * Parse CSP header into directives map
- * @param csp - The CSP header string
- * @returns Map of directive name to values
- */
-function parseCspDirectives(csp) {
-    const directives = new Map();
-    const parts = csp
-        .split(';')
-        .map((p) => p.trim())
-        .filter((p) => p.length > 0);
-    for (const part of parts) {
-        const spaceIndex = part.indexOf(' ');
-        if (spaceIndex === -1) {
-            // Directive without value (e.g., upgrade-insecure-requests)
-            directives.set(part.toLowerCase(), '');
-        }
-        else {
-            const name = part.substring(0, spaceIndex).toLowerCase();
-            const value = part.substring(spaceIndex + 1);
-            directives.set(name, value);
-        }
-    }
-    return directives;
-}
-/**
- * Validates a CSP header string with detailed results
- * @param csp - The CSP header string to validate
- * @returns Detailed validation result with warnings and errors
- */
-export function validateCspHeaderDetailed(csp) {
-    const result = {
-        valid: true,
-        warnings: [],
-        errors: [],
-    };
-    if (!csp || typeof csp !== 'string') {
-        result.valid = false;
-        result.errors.push('CSP header must be a non-empty string');
-        return result;
-    }
-    // Parse directives for per-directive analysis
-    const directives = parseCspDirectives(csp);
-    const _lowercaseCsp = csp.toLowerCase();
-    // Check for unsafe-eval in script-src or default-src (per-directive check)
-    const scriptSrc = directives.get('script-src') || '';
-    const defaultSrc = directives.get('default-src') || '';
-    if (scriptSrc.includes("'unsafe-eval'") || defaultSrc.includes("'unsafe-eval'")) {
-        result.warnings.push('unsafe-eval detected in script-src or default-src - allows arbitrary code execution');
-        console.warn('[CSP] Warning: unsafe-eval detected in CSP policy');
-    }
-    // Check for unsafe-inline WITHOUT nonce in the SAME directive (per-directive check)
-    // This is the correct check - unsafe-inline in script-src is only mitigated by nonce in script-src
-    if (scriptSrc.includes("'unsafe-inline'") && !scriptSrc.includes("'nonce-")) {
-        result.warnings.push('unsafe-inline without nonce in script-src - vulnerable to XSS');
-        console.warn('[CSP] Warning: unsafe-inline without nonce detected in script-src');
-    }
-    const styleSrc = directives.get('style-src') || '';
-    if (styleSrc.includes("'unsafe-inline'") && !styleSrc.includes("'nonce-")) {
-        result.warnings.push('unsafe-inline without nonce in style-src - vulnerable to CSS injection');
-        console.warn('[CSP] Warning: unsafe-inline without nonce detected in style-src');
-    }
-    // Check for wildcard sources in sensitive directives
-    const sensitiveDirectives = ['script-src', 'style-src', 'object-src', 'base-uri'];
-    for (const directive of sensitiveDirectives) {
-        const directiveValue = directives.get(directive) || '';
-        // Check for standalone wildcard (not part of *.example.com)
-        if (/(?:^|\s)\*(?:\s|$)/.test(directiveValue)) {
-            result.warnings.push(`Wildcard (*) in ${directive} is overly permissive`);
-        }
-    }
-    // Check for data: URI in script-src (XSS risk)
-    if (scriptSrc.includes('data:')) {
-        result.warnings.push('data: URI in script-src allows XSS attacks');
-    }
-    // Check for blob: and filesystem: in script-src (XSS risk)
-    if (scriptSrc.includes('blob:')) {
-        result.warnings.push('blob: URI in script-src can be used for XSS');
-    }
-    if (scriptSrc.includes('filesystem:')) {
-        result.warnings.push('filesystem: URI in script-src can be used for XSS');
-    }
-    // Verify object-src is properly restricted (Flash/plugin attacks)
-    const objectSrc = directives.get('object-src') || '';
-    if (directives.has('object-src')) {
-        if (!objectSrc.includes("'none'") && !objectSrc.includes("'self'")) {
-            // Check if it has potentially dangerous values
-            if (objectSrc.includes('*') || objectSrc.includes('data:') || objectSrc.includes('blob:')) {
-                result.warnings.push('object-src has permissive values - vulnerable to plugin-based attacks');
-            }
-            else if (objectSrc.trim() !== '') {
-                result.warnings.push('object-src should be restricted to prevent plugin-based attacks');
-            }
-        }
-    }
-    // Check for missing default-src (fallback for other directives)
-    if (!directives.has('default-src')) {
-        result.warnings.push('Missing default-src - other directives may fall back to permissive defaults');
-    }
-    // Should have at least one directive
-    if (!csp.includes('-src') &&
-        !csp.includes('upgrade-insecure-requests') &&
-        !csp.includes('sandbox')) {
-        result.valid = false;
-        result.errors.push('CSP must contain at least one valid directive');
-    }
-    return result;
-}
-/**
- * HTTP middleware function for adding CSP headers
- * This can be used if the MCP server adds HTTP transport in the future
- */
-export function cspMiddleware(directives = DEFAULT_CSP_DIRECTIVES) {
-    return (_req, res, next) => {
-        const nonce = generateNonce();
-        const cspHeader = buildCspHeader(directives, nonce);
-        // Set CSP header
-        res.setHeader('Content-Security-Policy', cspHeader);
-        // Add nonce to response locals for use in templates
-        if (!res.locals) {
-            res.locals = {};
-        }
-        res.locals.cspNonce = nonce;
-        next();
-    };
-}
-/**
- * Gets CSP configuration for different environments
- *
- * NOTE: Test environment uses relaxed CSP for testing purposes.
- * Production code should always use STRICT_CSP_DIRECTIVES.
- *
- * @param env - The environment (development, production, test)
- * @returns The appropriate CSP directives
- */
-export function getCspForEnvironment(env = 'production') {
-    switch (env) {
-        case 'development':
-            // Slightly relaxed for development - only unsafe-eval for dev tools
-            // Still maintains object-src: 'none' for plugin protection
-            return {
-                ...DEFAULT_CSP_DIRECTIVES,
-                'script-src': ["'self'", "'unsafe-eval'"], // Allow eval for dev tools
-                'object-src': ["'none'"], // Always restrict plugins
-            };
-        case 'test':
-            // More permissive for testing, but maintain critical security restrictions
-            // Note: Tests requiring unsafe-inline should use nonces instead for better security testing
-            return {
-                ...DEFAULT_CSP_DIRECTIVES,
-                'script-src': ["'self'", "'unsafe-inline'", "'unsafe-eval'"],
-                'style-src': ["'self'", "'unsafe-inline'"],
-                'object-src': ["'none'"], // Always restrict plugins even in test
-                'frame-ancestors': ["'none'"], // Prevent clickjacking even in test
-            };
-        case 'production':
-        default:
-            // Strict for production
-            return STRICT_CSP_DIRECTIVES;
-    }
-}
-//# sourceMappingURL=csp.js.map

package/dist/src/middleware/csp.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"csp.js","sourceRoot":"","sources":["../../../src/middleware/csp.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAuDzC;;GAEG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAkB;IACnD,aAAa,EAAE,CAAC,QAAQ,CAAC;IACzB,YAAY,EAAE,CAAC,QAAQ,CAAC;IACxB,WAAW,EAAE,CAAC,QAAQ,CAAC;IACvB,SAAS,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,QAAQ,CAAC;IACxC,UAAU,EAAE,CAAC,QAAQ,CAAC;IACtB,aAAa,EAAE,CAAC,QAAQ,CAAC;IACzB,WAAW,EAAE,CAAC,QAAQ,CAAC;IACvB,YAAY,EAAE,CAAC,QAAQ,CAAC;IACxB,WAAW,EAAE,CAAC,QAAQ,CAAC;IACvB,YAAY,EAAE,CAAC,QAAQ,CAAC;IACxB,aAAa,EAAE,CAAC,QAAQ,CAAC;IACzB,iBAAiB,EAAE,CAAC,QAAQ,CAAC;IAC7B,UAAU,EAAE,CAAC,QAAQ,CAAC;IACtB,2BAA2B,EAAE,IAAI;IACjC,yBAAyB,EAAE,IAAI;CAChC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAkB;IAClD,aAAa,EAAE,CAAC,QAAQ,CAAC;IACzB,YAAY,EAAE,CAAC,QAAQ,CAAC;IACxB,WAAW,EAAE,CAAC,QAAQ,CAAC;IACvB,SAAS,EAAE,CAAC,QAAQ,EAAE,OAAO,CAAC;IAC9B,UAAU,EAAE,CAAC,QAAQ,CAAC;IACtB,aAAa,EAAE,CAAC,QAAQ,CAAC;IACzB,WAAW,EAAE,CAAC,QAAQ,CAAC;IACvB,YAAY,EAAE,CAAC,QAAQ,CAAC;IACxB,WAAW,EAAE,CAAC,QAAQ,CAAC;IACvB,YAAY,EAAE,CAAC,QAAQ,CAAC;IACxB,aAAa,EAAE,CAAC,QAAQ,CAAC;IACzB,iBAAiB,EAAE,CAAC,QAAQ,CAAC;IAC7B,UAAU,EAAE,CAAC,QAAQ,CAAC;IACtB,cAAc,EAAE,CAAC,QAAQ,CAAC;IAC1B,2BAA2B,EAAE,CAAC,UAAU,CAAC;IACzC,2BAA2B,EAAE,IAAI;IACjC,yBAAyB,EAAE,IAAI;CAChC,CAAA;AAED;;;GAGG;AACH,MAAM,UAAU,aAAa;IAC3B,2EAA2E;IAC3E,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;AAC3C,CAAC;AAED;;;;GAIG;AACH,SAAS,iBAAiB,CAAC,MAAc;IACvC,qDAAqD;IACrD,qEAAqE;IACrE,OAAO,MAAM,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAA;AACvC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,cAAc,CAAC,UAAyB,EAAE,KAAc;IACtE,MAAM,KAAK,GAAa,EAAE,CAAA;IAE1B,KAAK,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5D,qEAAqE;QACrE,MAAM,kBAAkB,GAAG,SAAS,CAAC,OAAO,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAA;QAElE,IAAI,OAAO,KAAK,KAAK,SAAS,EAAE,CAAC;YAC/B,IAAI,KAAK,EAAE,CAAC;gBACV,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAA;YAChC,CAAC;QACH,CAAC;aAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YACrC,0CAA0C;YAC1C,MAAM,cAAc,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAA;YAC/C,KAAK,CAAC,IAAI,CAAC,GAAG,kBAAkB,IAAI,cAAc,EAAE,CAAC,CAAA;QACvD,CAAC;aAAM,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAChC,MAAM,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAA;YAE5C,oDAAoD;YACpD,IAAI,KAAK,IAAI,CAAC,SAAS,KAAK,YAAY,IAAI,SAAS,KAAK,WAAW,CAAC,EAAE,CAAC;gBACvE,iCAAiC;gBACjC,IAAI,mBAAmB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;oBACpC,OAAO,CAAC,IAAI,CAAC,UAAU,KAAK,GAAG,CAAC,CAAA;gBAClC,CAAC;YACH,CAAC;YAED,KAAK,CAAC,IAAI,CAAC,GAAG,kBAAkB,IAAI,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;QAC1D,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACzB,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,iBAAiB,CAAC,GAAW;IAC3C,MAAM,MAAM,GAAG,yBAAyB,CAAC,GAAG,CAAC,CAAA;IAC7C,OAAO,MAAM,CAAC,KAAK,CAAA;AACrB,CAAC;AAED;;;;GAIG;AACH,SAAS,kBAAkB,CAAC,GAAW;IACrC,MAAM,UAAU,GAAG,IAAI,GAAG,EAAkB,CAAA;IAC5C,MAAM,KAAK,GAAG,GAAG;SACd,KAAK,CAAC,GAAG,CAAC;SACV,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACpB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;IAE9B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;QACpC,IAAI,UAAU,KAAK,CAAC,CAAC,EAAE,CAAC;YACtB,4DAA4D;YAC5D,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,EAAE,CAAC,CAAA;QACxC,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,WAAW,EAAE,CAAA;YACxD,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,UAAU,GAAG,CAAC,CAAC,CAAA;YAC5C,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAC7B,CAAC;IACH,CAAC;IAED,OAAO,UAAU,CAAA;AACnB,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,yBAAyB,CAAC,GAAW;IACnD,MAAM,MAAM,GAAwB;QAClC,KAAK,EAAE,IAAI;QACX,QAAQ,EAAE,EAAE;QACZ,MAAM,EAAE,EAAE;KACX,CAAA;IAED,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QACpC,MAAM,CAAC,KAAK,GAAG,KAAK,CAAA;QACpB,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,uCAAuC,CAAC,CAAA;QAC3D,OAAO,MAAM,CAAA;IACf,CAAC;IAED,8CAA8C;IAC9C,MAAM,UAAU,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAA;IAC1C,MAAM,aAAa,GAAG,GAAG,CAAC,WAAW,EAAE,CAAA;IAEvC,2EAA2E;IAC3E,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,CAAA;IACpD,MAAM,UAAU,GAAG,UAAU,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,EAAE,CAAA;IAEtD,IAAI,SAAS,CAAC,QAAQ,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;QAChF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAClB,qFAAqF,CACtF,CAAA;QACD,OAAO,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAA;IACnE,CAAC;IAED,oFAAoF;IACpF,mGAAmG;IACnG,IAAI,SAAS,CAAC,QAAQ,CAAC,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5E,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,+DAA+D,CAAC,CAAA;QACrF,OAAO,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAA;IACnF,CAAC;IAED,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,EAAE,CAAA;IAClD,IAAI,QAAQ,CAAC,QAAQ,CAAC,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QAC1E,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,wEAAwE,CAAC,CAAA;QAC9F,OAAO,CAAC,IAAI,CAAC,kEAAkE,CAAC,CAAA;IAClF,CAAC;IAED,qDAAqD;IACrD,MAAM,mBAAmB,GAAG,CAAC,YAAY,EAAE,WAAW,EAAE,YAAY,EAAE,UAAU,CAAC,CAAA;IACjF,KAAK,MAAM,SAAS,IAAI,mBAAmB,EAAE,CAAC;QAC5C,MAAM,cAAc,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE,CAAA;QACtD,4DAA4D;QAC5D,IAAI,oBAAoB,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC;YAC9C,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,mBAAmB,SAAS,uBAAuB,CAAC,CAAA;QAC3E,CAAC;IACH,CAAC;IAED,+CAA+C;IAC/C,IAAI,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QAChC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAA;IACpE,CAAC;IAED,2DAA2D;IAC3D,IAAI,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QAChC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAA;IACrE,CAAC;IACD,IAAI,SAAS,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;QACtC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAA;IAC3E,CAAC;IAED,kEAAkE;IAClE,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,CAAA;IACpD,IAAI,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;QACjC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YACnE,+CAA+C;YAC/C,IAAI,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC1F,MAAM,CAAC,QAAQ,CAAC,IAAI,CAClB,uEAAuE,CACxE,CAAA;YACH,CAAC;iBAAM,IAAI,SAAS,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;gBACnC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,iEAAiE,CAAC,CAAA;YACzF,CAAC;QACH,CAAC;IACH,CAAC;IAED,gEAAgE;IAChE,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;QACnC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAClB,6EAA6E,CAC9E,CAAA;IACH,CAAC;IAED,qCAAqC;IACrC,IACE,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC;QACrB,CAAC,GAAG,CAAC,QAAQ,CAAC,2BAA2B,CAAC;QAC1C,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,EACxB,CAAC;QACD,MAAM,CAAC,KAAK,GAAG,KAAK,CAAA;QACpB,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,+CAA+C,CAAC,CAAA;IACrE,CAAC;IAED,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,aAAa,CAAC,aAA4B,sBAAsB;IAC9E,OAAO,CAAC,IAAoB,EAAE,GAAoB,EAAE,IAAgB,EAAQ,EAAE;QAC5E,MAAM,KAAK,GAAG,aAAa,EAAE,CAAA;QAC7B,MAAM,SAAS,GAAG,cAAc,CAAC,UAAU,EAAE,KAAK,CAAC,CAAA;QAEnD,iBAAiB;QACjB,GAAG,CAAC,SAAS,CAAC,yBAAyB,EAAE,SAAS,CAAC,CAAA;QAEnD,oDAAoD;QACpD,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC;YAChB,GAAG,CAAC,MAAM,GAAG,EAAE,CAAA;QACjB,CAAC;QACD,GAAG,CAAC,MAAM,CAAC,QAAQ,GAAG,KAAK,CAAA;QAE3B,IAAI,EAAE,CAAA;IACR,CAAC,CAAA;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,oBAAoB,CAAC,MAAc,YAAY;IAC7D,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,aAAa;YAChB,oEAAoE;YACpE,2DAA2D;YAC3D,OAAO;gBACL,GAAG,sBAAsB;gBACzB,YAAY,EAAE,CAAC,QAAQ,EAAE,eAAe,CAAC,EAAE,2BAA2B;gBACtE,YAAY,EAAE,CAAC,QAAQ,CAAC,EAAE,0BAA0B;aACrD,CAAA;QAEH,KAAK,MAAM;YACT,2EAA2E;YAC3E,4FAA4F;YAC5F,OAAO;gBACL,GAAG,sBAAsB;gBACzB,YAAY,EAAE,CAAC,QAAQ,EAAE,iBAAiB,EAAE,eAAe,CAAC;gBAC5D,WAAW,EAAE,CAAC,QAAQ,EAAE,iBAAiB,CAAC;gBAC1C,YAAY,EAAE,CAAC,QAAQ,CAAC,EAAE,uCAAuC;gBACjE,iBAAiB,EAAE,CAAC,QAAQ,CAAC,EAAE,oCAAoC;aACpE,CAAA;QAEH,KAAK,YAAY,CAAC;QAClB;YACE,wBAAwB;YACxB,OAAO,qBAAqB,CAAA;IAChC,CAAC;AACH,CAAC"}

package/dist/src/middleware/degradation.d.ts

@@ -1,105 +0,0 @@
-/**
- * SMI-1060: Graceful Degradation Middleware
- *
- * Middleware that wraps tool handlers with graceful degradation,
- * returning helpful messages instead of hard errors when features
- * are unavailable.
- */
-import { type LicenseMiddleware } from './license.js';
-import { type FeatureFlag } from './toolFeatureMapping.js';
-/**
- * License tiers for degradation middleware
- * Matches the LicenseTier type from license.ts
- */
-type DegradationLicenseTier = 'community' | 'individual' | 'team' | 'enterprise';
-/**
- * MCP tool request structure
- */
-export interface McpToolRequest {
-    name: string;
-    arguments: Record<string, unknown>;
-}
-/**
- * MCP tool response structure
- */
-export interface McpToolResponse {
-    content: Array<{
-        type: 'text';
-        text: string;
-    }>;
-    isError?: boolean;
-    _meta?: Record<string, unknown>;
-}
-/**
- * Tool handler function type
- */
-export type ToolHandler<T = unknown> = (request: McpToolRequest) => Promise<T>;
-/**
- * Degradation event for logging
- */
-export interface DegradationLogEvent {
-    timestamp: string;
-    toolName: string;
-    feature: FeatureFlag | null;
-    tier: DegradationLicenseTier;
-    action: 'allowed' | 'degraded' | 'error';
-    message?: string;
-}
-/**
- * Degradation logger interface
- */
-export interface DegradationLogger {
-    log(event: DegradationLogEvent): void;
-}
-/**
- * Degradation middleware options
- */
-export interface DegradationMiddlewareOptions {
-    /** License middleware instance */
-    licenseMiddleware?: LicenseMiddleware;
-    /** Logger for degradation events */
-    logger?: DegradationLogger;
-    /** Enable verbose logging */
-    verbose?: boolean;
-    /** Custom upgrade URL base */
-    upgradeUrlBase?: string;
-}
-/**
- * Console logger for degradation events
- */
-export declare const consoleDegradationLogger: DegradationLogger;
-/**
- * Get tier comparison message
- */
-export declare function getTierComparisonMessage(): string;
-/**
- * Create the degradation middleware
- *
- * This middleware wraps tool handlers to provide graceful degradation
- * when features are unavailable due to license restrictions.
- *
- * @param options - Middleware configuration options
- * @returns Middleware wrapper function
- *
- * @example
- * ```typescript
- * const middleware = createDegradationMiddleware({
- *   logger: consoleDegradationLogger,
- *   verbose: true,
- * });
- *
- * const wrappedHandler = middleware.wrapHandler('audit_query', originalHandler);
- * ```
- */
-export declare function createDegradationMiddleware(options?: DegradationMiddlewareOptions): {
-    wrapHandler: <T>(toolName: string, handler: ToolHandler<T>, request: McpToolRequest) => Promise<T | McpToolResponse>;
-    createWrappedHandler: <T>(toolName: string, handler: ToolHandler<T>) => (request: McpToolRequest) => Promise<T | McpToolResponse>;
-    wouldDegrade: (toolName: string) => Promise<boolean>;
-    getDegradationStatus: () => Promise<Map<string, boolean>>;
-    getUpgradePrompt: (toolName: string) => Promise<string | null>;
-    getTierComparisonMessage: typeof getTierComparisonMessage;
-    licenseMiddleware: LicenseMiddleware;
-};
-export type DegradationMiddleware = ReturnType<typeof createDegradationMiddleware>;
-export {};
-//# sourceMappingURL=degradation.d.ts.map

package/dist/src/middleware/degradation.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"degradation.d.ts","sourceRoot":"","sources":["../../../src/middleware/degradation.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EACL,KAAK,iBAAiB,EAIvB,MAAM,cAAc,CAAA;AACrB,OAAO,EAIL,KAAK,WAAW,EACjB,MAAM,yBAAyB,CAAA;AAQhC;;;GAGG;AACH,KAAK,sBAAsB,GAAG,WAAW,GAAG,YAAY,GAAG,MAAM,GAAG,YAAY,CAAA;AAwChF;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAA;IACZ,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;IAC9C,OAAO,CAAC,EAAE,OAAO,CAAA;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAChC;AAED;;GAEG;AACH,MAAM,MAAM,WAAW,CAAC,CAAC,GAAG,OAAO,IAAI,CAAC,OAAO,EAAE,cAAc,KAAK,OAAO,CAAC,CAAC,CAAC,CAAA;AAE9E;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,SAAS,EAAE,MAAM,CAAA;IACjB,QAAQ,EAAE,MAAM,CAAA;IAChB,OAAO,EAAE,WAAW,GAAG,IAAI,CAAA;IAC3B,IAAI,EAAE,sBAAsB,CAAA;IAC5B,MAAM,EAAE,SAAS,GAAG,UAAU,GAAG,OAAO,CAAA;IACxC,OAAO,CAAC,EAAE,MAAM,CAAA;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,GAAG,CAAC,KAAK,EAAE,mBAAmB,GAAG,IAAI,CAAA;CACtC;AAED;;GAEG;AACH,MAAM,WAAW,4BAA4B;IAC3C,kCAAkC;IAClC,iBAAiB,CAAC,EAAE,iBAAiB,CAAA;IACrC,oCAAoC;IACpC,MAAM,CAAC,EAAE,iBAAiB,CAAA;IAC1B,6BAA6B;IAC7B,OAAO,CAAC,EAAE,OAAO,CAAA;IACjB,8BAA8B;IAC9B,cAAc,CAAC,EAAE,MAAM,CAAA;CACxB;AAaD;;GAEG;AACH,eAAO,MAAM,wBAAwB,EAAE,iBAMtC,CAAA;AA2CD;;GAEG;AACH,wBAAgB,wBAAwB,IAAI,MAAM,CAyBjD;AAyFD;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,2BAA2B,CAAC,OAAO,GAAE,4BAAiC;kBAOzD,CAAC,YAChB,MAAM,WACP,WAAW,CAAC,CAAC,CAAC,WACd,cAAc,KACtB,OAAO,CAAC,CAAC,GAAG,eAAe,CAAC;2BAyDD,CAAC,YACnB,MAAM,WACP,WAAW,CAAC,CAAC,CAAC,KACtB,CAAC,OAAO,EAAE,cAAc,KAAK,OAAO,CAAC,CAAC,GAAG,eAAe,CAAC;6BAStB,MAAM,KAAG,OAAO,CAAC,OAAO,CAAC;gCAYxB,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;iCAa1B,MAAM,KAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;;;EAqB1E;AAMD,MAAM,MAAM,qBAAqB,GAAG,UAAU,CAAC,OAAO,2BAA2B,CAAC,CAAA"}