@softeria/ms-365-mcp-server 0.11.3 → 0.11.5

package/dist/server.js

@@ -1,277 +1,290 @@
-import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
-import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
-import { StreamableHTTPServerTransport } from '@modelcontextprotocol/sdk/server/streamableHttp.js';
-import { mcpAuthRouter } from '@modelcontextprotocol/sdk/server/auth/router.js';
-import express from 'express';
-import crypto from 'crypto';
-import logger, { enableConsoleLogging } from './logger.js';
-import { registerAuthTools } from './auth-tools.js';
-import { registerGraphTools } from './graph-tools.js';
-import GraphClient from './graph-client.js';
-import { MicrosoftOAuthProvider } from './oauth-provider.js';
-import { microsoftBearerTokenAuthMiddleware, exchangeCodeForToken, refreshAccessToken } from './lib/microsoft-auth.js';
-const registeredClients = new Map();
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { StreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/streamableHttp.js";
+import { mcpAuthRouter } from "@modelcontextprotocol/sdk/server/auth/router.js";
+import express from "express";
+import crypto from "crypto";
+import logger, { enableConsoleLogging } from "./logger.js";
+import { registerAuthTools } from "./auth-tools.js";
+import { registerGraphTools } from "./graph-tools.js";
+import GraphClient from "./graph-client.js";
+import { MicrosoftOAuthProvider } from "./oauth-provider.js";
+import { microsoftBearerTokenAuthMiddleware, exchangeCodeForToken, refreshAccessToken } from "./lib/microsoft-auth.js";
+const registeredClients = /* @__PURE__ */ new Map();
 class MicrosoftGraphServer {
-    constructor(authManager, options = {}) {
-        this.authManager = authManager;
-        this.options = options;
-        this.graphClient = new GraphClient(authManager);
-        this.server = null;
+  constructor(authManager, options = {}) {
+    this.authManager = authManager;
+    this.options = options;
+    this.graphClient = new GraphClient(authManager);
+    this.server = null;
+  }
+  async initialize(version) {
+    this.server = new McpServer({
+      name: "Microsoft365MCP",
+      version
+    });
+    const shouldRegisterAuthTools = !this.options.http || this.options.enableAuthTools;
+    if (shouldRegisterAuthTools) {
+      registerAuthTools(this.server, this.authManager);
     }
-    async initialize(version) {
-        this.server = new McpServer({
-            name: 'Microsoft365MCP',
-            version,
-        });
-        const shouldRegisterAuthTools = !this.options.http || this.options.enableAuthTools;
-        if (shouldRegisterAuthTools) {
-            registerAuthTools(this.server, this.authManager);
-        }
-        registerGraphTools(this.server, this.graphClient, this.options.readOnly, this.options.enabledTools);
+    registerGraphTools(
+      this.server,
+      this.graphClient,
+      this.options.readOnly,
+      this.options.enabledTools
+    );
+  }
+  async start() {
+    if (this.options.v) {
+      enableConsoleLogging();
     }
-    async start() {
-        if (this.options.v) {
-            enableConsoleLogging();
+    logger.info("Microsoft 365 MCP Server starting...");
+    logger.info("Environment Variables Check:", {
+      CLIENT_ID: process.env.MS365_MCP_CLIENT_ID ? `${process.env.MS365_MCP_CLIENT_ID.substring(0, 8)}...` : "NOT SET",
+      CLIENT_SECRET: process.env.MS365_MCP_CLIENT_SECRET ? `${process.env.MS365_MCP_CLIENT_SECRET.substring(0, 8)}...` : "NOT SET",
+      TENANT_ID: process.env.MS365_MCP_TENANT_ID || "NOT SET",
+      NODE_ENV: process.env.NODE_ENV || "NOT SET"
+    });
+    if (this.options.readOnly) {
+      logger.info("Server running in READ-ONLY mode. Write operations are disabled.");
+    }
+    if (this.options.http) {
+      const port = typeof this.options.http === "string" ? parseInt(this.options.http) : 3e3;
+      const app = express();
+      app.use(express.json());
+      app.use(express.urlencoded({ extended: true }));
+      app.use((req, res, next) => {
+        res.header("Access-Control-Allow-Origin", "*");
+        res.header("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
+        res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Authorization, mcp-protocol-version");
+        if (req.method === "OPTIONS") {
+          res.sendStatus(200);
+          return;
         }
-        logger.info('Microsoft 365 MCP Server starting...');
-        // Debug: Check if environment variables are loaded
-        logger.info('Environment Variables Check:', {
-            CLIENT_ID: process.env.MS365_MCP_CLIENT_ID ? `${process.env.MS365_MCP_CLIENT_ID.substring(0, 8)}...` : 'NOT SET',
-            CLIENT_SECRET: process.env.MS365_MCP_CLIENT_SECRET ? `${process.env.MS365_MCP_CLIENT_SECRET.substring(0, 8)}...` : 'NOT SET',
-            TENANT_ID: process.env.MS365_MCP_TENANT_ID || 'NOT SET',
-            NODE_ENV: process.env.NODE_ENV || 'NOT SET'
+        next();
+      });
+      const oauthProvider = new MicrosoftOAuthProvider(this.authManager);
+      app.get("/.well-known/oauth-authorization-server", async (req, res) => {
+        const url = new URL(`${req.protocol}://${req.get("host")}`);
+        res.json({
+          issuer: url.origin,
+          authorization_endpoint: `${url.origin}/authorize`,
+          token_endpoint: `${url.origin}/token`,
+          registration_endpoint: `${url.origin}/register`,
+          response_types_supported: ["code"],
+          response_modes_supported: ["query"],
+          grant_types_supported: ["authorization_code", "refresh_token"],
+          token_endpoint_auth_methods_supported: ["none"],
+          code_challenge_methods_supported: ["S256"],
+          scopes_supported: [
+            "User.Read",
+            "Files.Read",
+            "Mail.Read"
+          ]
+        });
+      });
+      app.get("/.well-known/oauth-protected-resource", async (req, res) => {
+        const url = new URL(`${req.protocol}://${req.get("host")}`);
+        res.json({
+          resource: `${url.origin}/mcp`,
+          authorization_servers: [url.origin],
+          scopes_supported: [
+            "User.Read",
+            "Files.Read",
+            "Mail.Read"
+          ],
+          bearer_methods_supported: ["header"],
+          resource_documentation: `${url.origin}`
+        });
+      });
+      app.post("/register", async (req, res) => {
+        const body = req.body;
+        const clientId = crypto.randomUUID();
+        registeredClients.set(clientId, {
+          client_id: clientId,
+          client_name: body.client_name || "MCP Client",
+          redirect_uris: body.redirect_uris || [],
+          grant_types: body.grant_types || ["authorization_code", "refresh_token"],
+          response_types: body.response_types || ["code"],
+          scope: body.scope,
+          token_endpoint_auth_method: "none",
+          created_at: Date.now()
+        });
+        res.status(201).json({
+          client_id: clientId,
+          client_name: body.client_name || "MCP Client",
+          redirect_uris: body.redirect_uris || [],
+          grant_types: body.grant_types || ["authorization_code", "refresh_token"],
+          response_types: body.response_types || ["code"],
+          scope: body.scope,
+          token_endpoint_auth_method: "none"
+        });
+      });
+      app.get("/authorize", async (req, res) => {
+        const url = new URL(req.url, `${req.protocol}://${req.get("host")}`);
+        const tenantId = process.env.MS365_MCP_TENANT_ID || "common";
+        const clientId = process.env.MS365_MCP_CLIENT_ID || "084a3e9f-a9f4-43f7-89f9-d229cf97853e";
+        const microsoftAuthUrl = new URL(`https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/authorize`);
+        const allowedParams = [
+          "response_type",
+          "redirect_uri",
+          "scope",
+          "state",
+          "response_mode",
+          "code_challenge",
+          "code_challenge_method",
+          "prompt",
+          "login_hint",
+          "domain_hint"
+        ];
+        allowedParams.forEach((param) => {
+          const value = url.searchParams.get(param);
+          if (value) {
+            microsoftAuthUrl.searchParams.set(param, value);
+          }
         });
-        if (this.options.readOnly) {
-            logger.info('Server running in READ-ONLY mode. Write operations are disabled.');
+        microsoftAuthUrl.searchParams.set("client_id", clientId);
+        if (!microsoftAuthUrl.searchParams.get("scope")) {
+          microsoftAuthUrl.searchParams.set("scope", "User.Read Files.Read Mail.Read");
         }
-        if (this.options.http) {
-            const port = typeof this.options.http === 'string' ? parseInt(this.options.http) : 3000;
-            const app = express();
-            app.use(express.json());
-            app.use(express.urlencoded({ extended: true }));
-            // Add CORS headers for all routes
-            app.use((req, res, next) => {
-                res.header('Access-Control-Allow-Origin', '*');
-                res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
-                res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization, mcp-protocol-version');
-                // Handle preflight requests
-                if (req.method === 'OPTIONS') {
-                    res.sendStatus(200);
-                    return;
-                }
-                next();
+        res.redirect(microsoftAuthUrl.toString());
+      });
+      app.post("/token", async (req, res) => {
+        try {
+          logger.info("Token endpoint called", {
+            method: req.method,
+            url: req.url,
+            headers: req.headers,
+            bodyType: typeof req.body,
+            body: req.body,
+            rawBody: JSON.stringify(req.body),
+            contentType: req.get("Content-Type")
+          });
+          const body = req.body;
+          if (!body) {
+            logger.error("Token endpoint: Request body is undefined");
+            res.status(400).json({
+              error: "invalid_request",
+              error_description: "Request body is required"
             });
-            const oauthProvider = new MicrosoftOAuthProvider(this.authManager);
-            // OAuth Authorization Server Discovery
-            app.get('/.well-known/oauth-authorization-server', async (req, res) => {
-                const url = new URL(`${req.protocol}://${req.get('host')}`);
-                res.json({
-                    issuer: url.origin,
-                    authorization_endpoint: `${url.origin}/authorize`,
-                    token_endpoint: `${url.origin}/token`,
-                    registration_endpoint: `${url.origin}/register`,
-                    response_types_supported: ['code'],
-                    response_modes_supported: ['query'],
-                    grant_types_supported: ['authorization_code', 'refresh_token'],
-                    token_endpoint_auth_methods_supported: ['none'],
-                    code_challenge_methods_supported: ['S256'],
-                    scopes_supported: [
-                        'User.Read', 'Files.Read', 'Mail.Read'
-                    ],
-                });
+            return;
+          }
+          if (!body.grant_type) {
+            logger.error("Token endpoint: grant_type is missing", { body });
+            res.status(400).json({
+              error: "invalid_request",
+              error_description: "grant_type parameter is required"
             });
-            // OAuth Protected Resource Discovery
-            app.get('/.well-known/oauth-protected-resource', async (req, res) => {
-                const url = new URL(`${req.protocol}://${req.get('host')}`);
-                res.json({
-                    resource: `${url.origin}/mcp`,
-                    authorization_servers: [url.origin],
-                    scopes_supported: [
-                        'User.Read', 'Files.Read', 'Mail.Read'
-                    ],
-                    bearer_methods_supported: ['header'],
-                    resource_documentation: `${url.origin}`,
-                });
-            });
-            // Dynamic Client Registration endpoint
-            app.post('/register', async (req, res) => {
-                const body = req.body;
-                // Generate a client ID
-                const clientId = crypto.randomUUID();
-                // Store the client registration
-                registeredClients.set(clientId, {
-                    client_id: clientId,
-                    client_name: body.client_name || 'MCP Client',
-                    redirect_uris: body.redirect_uris || [],
-                    grant_types: body.grant_types || ['authorization_code', 'refresh_token'],
-                    response_types: body.response_types || ['code'],
-                    scope: body.scope,
-                    token_endpoint_auth_method: 'none',
-                    created_at: Date.now()
-                });
-                // Return the client registration response
-                res.status(201).json({
-                    client_id: clientId,
-                    client_name: body.client_name || 'MCP Client',
-                    redirect_uris: body.redirect_uris || [],
-                    grant_types: body.grant_types || ['authorization_code', 'refresh_token'],
-                    response_types: body.response_types || ['code'],
-                    scope: body.scope,
-                    token_endpoint_auth_method: 'none'
-                });
-            });
-            // Authorization endpoint - redirects to Microsoft
-            app.get('/authorize', async (req, res) => {
-                const url = new URL(req.url, `${req.protocol}://${req.get('host')}`);
-                const tenantId = process.env.MS365_MCP_TENANT_ID || 'common';
-                const clientId = process.env.MS365_MCP_CLIENT_ID || '084a3e9f-a9f4-43f7-89f9-d229cf97853e';
-                const microsoftAuthUrl = new URL(`https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/authorize`);
-                // Only forward parameters that Microsoft OAuth 2.0 v2.0 supports
-                const allowedParams = [
-                    'response_type', 'redirect_uri', 'scope', 'state', 'response_mode',
-                    'code_challenge', 'code_challenge_method', 'prompt', 'login_hint', 'domain_hint'
-                ];
-                allowedParams.forEach(param => {
-                    const value = url.searchParams.get(param);
-                    if (value) {
-                        microsoftAuthUrl.searchParams.set(param, value);
-                    }
-                });
-                // Use our Microsoft app's client_id
-                microsoftAuthUrl.searchParams.set('client_id', clientId);
-                // Ensure we have the minimal required scopes if none provided
-                if (!microsoftAuthUrl.searchParams.get('scope')) {
-                    microsoftAuthUrl.searchParams.set('scope', 'User.Read Files.Read Mail.Read');
-                }
-                // Redirect to Microsoft's authorization page
-                res.redirect(microsoftAuthUrl.toString());
-            });
-            // Token exchange endpoint
-            app.post('/token', async (req, res) => {
-                try {
-                    // Comprehensive debugging
-                    logger.info('Token endpoint called', {
-                        method: req.method,
-                        url: req.url,
-                        headers: req.headers,
-                        bodyType: typeof req.body,
-                        body: req.body,
-                        rawBody: JSON.stringify(req.body),
-                        contentType: req.get('Content-Type')
-                    });
-                    const body = req.body;
-                    // Add debugging and validation
-                    if (!body) {
-                        logger.error('Token endpoint: Request body is undefined');
-                        res.status(400).json({
-                            error: 'invalid_request',
-                            error_description: 'Request body is required'
-                        });
-                        return;
-                    }
-                    if (!body.grant_type) {
-                        logger.error('Token endpoint: grant_type is missing', { body });
-                        res.status(400).json({
-                            error: 'invalid_request',
-                            error_description: 'grant_type parameter is required'
-                        });
-                        return;
-                    }
-                    if (body.grant_type === 'authorization_code') {
-                        const tenantId = process.env.MS365_MCP_TENANT_ID || 'common';
-                        const clientId = process.env.MS365_MCP_CLIENT_ID || '084a3e9f-a9f4-43f7-89f9-d229cf97853e';
-                        const clientSecret = process.env.MS365_MCP_CLIENT_SECRET;
-                        if (!clientSecret) {
-                            logger.error('Token endpoint: MS365_MCP_CLIENT_SECRET is not configured');
-                            res.status(500).json({
-                                error: 'server_error',
-                                error_description: 'Server configuration error'
-                            });
-                            return;
-                        }
-                        const result = await exchangeCodeForToken(body.code, body.redirect_uri, clientId, clientSecret, tenantId, body.code_verifier);
-                        res.json(result);
-                    }
-                    else if (body.grant_type === 'refresh_token') {
-                        const tenantId = process.env.MS365_MCP_TENANT_ID || 'common';
-                        const clientId = process.env.MS365_MCP_CLIENT_ID || '084a3e9f-a9f4-43f7-89f9-d229cf97853e';
-                        const clientSecret = process.env.MS365_MCP_CLIENT_SECRET;
-                        if (!clientSecret) {
-                            logger.error('Token endpoint: MS365_MCP_CLIENT_SECRET is not configured');
-                            res.status(500).json({
-                                error: 'server_error',
-                                error_description: 'Server configuration error'
-                            });
-                            return;
-                        }
-                        const result = await refreshAccessToken(body.refresh_token, clientId, clientSecret, tenantId);
-                        res.json(result);
-                    }
-                    else {
-                        res.status(400).json({
-                            error: 'unsupported_grant_type',
-                            error_description: `Grant type '${body.grant_type}' is not supported`
-                        });
-                    }
-                }
-                catch (error) {
-                    logger.error('Token endpoint error:', error);
-                    res.status(500).json({
-                        error: 'server_error',
-                        error_description: 'Internal server error during token exchange'
-                    });
-                }
-            });
-            app.use(mcpAuthRouter({
-                provider: oauthProvider,
-                issuerUrl: new URL(`http://localhost:${port}`),
-            }));
-            // Microsoft Graph MCP endpoints with bearer token auth
-            app.post('/mcp', microsoftBearerTokenAuthMiddleware, async (req, res) => {
-                try {
-                    // Set OAuth tokens in the GraphClient if available
-                    if (req.microsoftAuth) {
-                        this.graphClient.setOAuthTokens(req.microsoftAuth.accessToken, req.microsoftAuth.refreshToken);
-                    }
-                    const transport = new StreamableHTTPServerTransport({
-                        sessionIdGenerator: undefined, // Stateless mode
-                    });
-                    res.on('close', () => {
-                        transport.close();
-                    });
-                    await this.server.connect(transport);
-                    await transport.handleRequest(req, res, req.body);
-                }
-                catch (error) {
-                    logger.error('Error handling MCP request:', error);
-                    if (!res.headersSent) {
-                        res.status(500).json({
-                            jsonrpc: '2.0',
-                            error: {
-                                code: -32603,
-                                message: 'Internal server error',
-                            },
-                            id: null,
-                        });
-                    }
-                }
-            });
-            // Health check endpoint
-            app.get('/', (req, res) => {
-                res.send('Microsoft 365 MCP Server is running');
-            });
-            app.listen(port, () => {
-                logger.info(`Server listening on HTTP port ${port}`);
-                logger.info(`  - MCP endpoint: http://localhost:${port}/mcp`);
-                logger.info(`  - OAuth endpoints: http://localhost:${port}/auth/*`);
-                logger.info(`  - OAuth discovery: http://localhost:${port}/.well-known/oauth-authorization-server`);
+            return;
+          }
+          if (body.grant_type === "authorization_code") {
+            const tenantId = process.env.MS365_MCP_TENANT_ID || "common";
+            const clientId = process.env.MS365_MCP_CLIENT_ID || "084a3e9f-a9f4-43f7-89f9-d229cf97853e";
+            const clientSecret = process.env.MS365_MCP_CLIENT_SECRET;
+            if (!clientSecret) {
+              logger.error("Token endpoint: MS365_MCP_CLIENT_SECRET is not configured");
+              res.status(500).json({
+                error: "server_error",
+                error_description: "Server configuration error"
+              });
+              return;
+            }
+            const result = await exchangeCodeForToken(
+              body.code,
+              body.redirect_uri,
+              clientId,
+              clientSecret,
+              tenantId,
+              body.code_verifier
+            );
+            res.json(result);
+          } else if (body.grant_type === "refresh_token") {
+            const tenantId = process.env.MS365_MCP_TENANT_ID || "common";
+            const clientId = process.env.MS365_MCP_CLIENT_ID || "084a3e9f-a9f4-43f7-89f9-d229cf97853e";
+            const clientSecret = process.env.MS365_MCP_CLIENT_SECRET;
+            if (!clientSecret) {
+              logger.error("Token endpoint: MS365_MCP_CLIENT_SECRET is not configured");
+              res.status(500).json({
+                error: "server_error",
+                error_description: "Server configuration error"
+              });
+              return;
+            }
+            const result = await refreshAccessToken(
+              body.refresh_token,
+              clientId,
+              clientSecret,
+              tenantId
+            );
+            res.json(result);
+          } else {
+            res.status(400).json({
+              error: "unsupported_grant_type",
+              error_description: `Grant type '${body.grant_type}' is not supported`
             });
+          }
+        } catch (error) {
+          logger.error("Token endpoint error:", error);
+          res.status(500).json({
+            error: "server_error",
+            error_description: "Internal server error during token exchange"
+          });
         }
-        else {
-            const transport = new StdioServerTransport();
-            await this.server.connect(transport);
-            logger.info('Server connected to stdio transport');
+      });
+      app.use(
+        mcpAuthRouter({
+          provider: oauthProvider,
+          issuerUrl: new URL(`http://localhost:${port}`)
+        })
+      );
+      app.post("/mcp", microsoftBearerTokenAuthMiddleware, async (req, res) => {
+        try {
+          if (req.microsoftAuth) {
+            this.graphClient.setOAuthTokens(
+              req.microsoftAuth.accessToken,
+              req.microsoftAuth.refreshToken
+            );
+          }
+          const transport = new StreamableHTTPServerTransport({
+            sessionIdGenerator: void 0
+            // Stateless mode
+          });
+          res.on("close", () => {
+            transport.close();
+          });
+          await this.server.connect(transport);
+          await transport.handleRequest(req, res, req.body);
+        } catch (error) {
+          logger.error("Error handling MCP request:", error);
+          if (!res.headersSent) {
+            res.status(500).json({
+              jsonrpc: "2.0",
+              error: {
+                code: -32603,
+                message: "Internal server error"
+              },
+              id: null
+            });
+          }
         }
+      });
+      app.get("/", (req, res) => {
+        res.send("Microsoft 365 MCP Server is running");
+      });
+      app.listen(port, () => {
+        logger.info(`Server listening on HTTP port ${port}`);
+        logger.info(`  - MCP endpoint: http://localhost:${port}/mcp`);
+        logger.info(`  - OAuth endpoints: http://localhost:${port}/auth/*`);
+        logger.info(`  - OAuth discovery: http://localhost:${port}/.well-known/oauth-authorization-server`);
+      });
+    } else {
+      const transport = new StdioServerTransport();
+      await this.server.connect(transport);
+      logger.info("Server connected to stdio transport");
     }
+  }
 }
-export default MicrosoftGraphServer;
+var server_default = MicrosoftGraphServer;
+export {
+  server_default as default
+};

package/dist/version.js

@@ -1,7 +1,10 @@
-import { readFileSync } from 'fs';
-import path from 'path';
-import { fileURLToPath } from 'url';
+import { readFileSync } from "fs";
+import path from "path";
+import { fileURLToPath } from "url";
 const __dirname = path.dirname(fileURLToPath(import.meta.url));
-const packageJsonPath = path.join(__dirname, '..', 'package.json');
-const packageJson = JSON.parse(readFileSync(packageJsonPath, 'utf8'));
-export const version = packageJson.version;
+const packageJsonPath = path.join(__dirname, "..", "package.json");
+const packageJson = JSON.parse(readFileSync(packageJsonPath, "utf8"));
+const version = packageJson.version;
+export {
+  version
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@softeria/ms-365-mcp-server",
-  "version": "0.11.3",
+  "version": "0.11.5",
   "description": "Microsoft 365 MCP Server",
   "type": "module",
   "main": "dist/index.js",
@@ -8,13 +8,12 @@
     "ms-365-mcp-server": "dist/index.js"
   },
   "scripts": {
-    "build": "tsc && chmod +x dist/index.js",
+    "build": "tsup",
     "test": "vitest run",
     "test:watch": "vitest",
     "dev": "tsx src/index.ts",
     "dev:http": "tsx --watch src/index.ts --http 3000 -v",
     "format": "prettier --write \"**/*.{ts,mts,js,mjs,json,md}\"",
-    "release": "ts-node --esm bin/release.mts",
     "inspect": "npx @modelcontextprotocol/inspector tsx src/index.ts",
     "prepublishOnly": "npm run build"
   },
@@ -42,13 +41,22 @@
   },
   "devDependencies": {
     "@redocly/cli": "^1.34.3",
+    "@semantic-release/exec": "^7.1.0",
+    "@semantic-release/git": "^10.0.1",
+    "@semantic-release/github": "^11.0.3",
+    "@semantic-release/npm": "^12.0.2",
     "@types/express": "^5.0.3",
     "@types/node": "^22.15.15",
     "prettier": "^3.5.3",
+    "semantic-release": "^24.2.7",
+    "tsup": "^8.5.0",
     "tsx": "^4.19.4",
     "typescript": "^5.8.3",
     "vitest": "^3.1.1"
   },
+  "engines": {
+    "node": ">=18"
+  },
   "repository": {
     "type": "git",
     "url": "https://github.com/softeria/ms-365-mcp-server.git"

package/tsup.config.ts

@@ -0,0 +1,30 @@
+import { defineConfig } from 'tsup';
+
+export default defineConfig({
+  entry: ['src/**/*.ts', 'src/endpoints.json'],
+  format: ['esm'],
+  target: 'es2020',
+  outDir: 'dist',
+  clean: true,
+  bundle: false,
+  splitting: false,
+  sourcemap: false,
+  dts: false,
+  publicDir: false,
+  onSuccess: 'chmod +x dist/index.js',
+  loader: {
+    '.json': 'copy',
+  },
+  noExternal: [],
+  external: [
+    '@azure/msal-node',
+    '@modelcontextprotocol/sdk',
+    'commander',
+    'dotenv',
+    'express',
+    'js-yaml',
+    'keytar',
+    'winston',
+    'zod',
+  ],
+});