@strapi/core 5.46.1 → 5.47.0

package/dist/services/mcp/utils/createSafeCapabilityRegistration.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"createSafeCapabilityRegistration.js","sources":["../../../../src/services/mcp/utils/createSafeCapabilityRegistration.ts"],"sourcesContent":["import type { Core } from '@strapi/types';\nimport type { RegisteredCapability } from '../internal/McpCapabilityRegistry';\nimport { wrapSafeHandler } from './safeHandlerWrapper';\n\n/**\n * A no-op registered capability used as fallback when SDK registration fails.\n *\n * This prevents one broken capability from aborting the entire registration loop.\n * The capability will appear as \"disabled\" and cannot be enabled.\n */\nexport const FAILED_REGISTERED_CAPABILITY: RegisteredCapability = Object.freeze({\n  enabled: false,\n  enable() {},\n  disable() {},\n  remove() {},\n});\n\n/**\n * Configuration for creating a safe capability registration\n */\nexport type SafeCapabilityRegistrationConfig<THandler, TErrorResult, TRegistered> = {\n  strapi: Core.Strapi;\n  capabilityType: string;\n  name: string;\n  createHandler: (strapi: Core.Strapi) => THandler;\n  createFallbackHandler: (errorMessage: string) => NoInfer<THandler>;\n  createErrorResult: (error: Error, args: unknown[]) => TErrorResult;\n  registerWithSdk: (safeHandler: THandler) => TRegistered;\n};\n\n/**\n * Creates a safe capability registration that protects Strapi core from user callback errors\n * at three levels:\n *\n * - Level 1: Catch factory invocation errors (createHandler throws)\n * - Level 2: Catch runtime execution errors (handler throws during invocation)\n * - Level 3: Catch MCP SDK registration errors (SDK rejects the registration)\n *\n * This prevents one broken capability from:\n * - Aborting the entire registration loop\n * - Crashing the MCP server\n * - Leaking unhandled errors to the user\n */\nexport const createSafeCapabilityRegistration = <THandler, TErrorResult, TRegistered>(\n  config: SafeCapabilityRegistrationConfig<THandler, TErrorResult, TRegistered>\n): TRegistered => {\n  const {\n    strapi,\n    capabilityType,\n    name,\n    createHandler,\n    createFallbackHandler,\n    createErrorResult,\n    registerWithSdk,\n  } = config;\n\n  try {\n    // Level 1: Safe factory invocation — catch errors from user's createHandler\n    let rawHandler: THandler;\n\n    try {\n      rawHandler = createHandler(strapi);\n    } catch (error) {\n      const message = error instanceof Error ? error.message : String(error);\n      strapi.log.error(\n        `[MCP] ${capabilityType} \"${name}\" handler factory threw during initialization: ${message}`\n      );\n\n      // Substitute a fallback handler that always returns an error to the MCP client\n      rawHandler = createFallbackHandler(message);\n    }\n\n    // Level 2: Safe runtime wrapping — catch errors from user's handler during execution\n    const safeHandler = wrapSafeHandler(rawHandler as (...args: unknown[]) => Promise<unknown>, {\n      strapi,\n      capabilityType,\n      name,\n      createErrorResult,\n    });\n\n    return registerWithSdk(safeHandler as THandler);\n  } catch (error) {\n    // Level 3: Catch MCP SDK registration errors — prevent one broken capability from aborting all others\n    const message = error instanceof Error ? error.message : String(error);\n    strapi.log.error(\n      `[MCP] Failed to register ${capabilityType.toLowerCase()} \"${name}\" with MCP server: ${message}`\n    );\n    return FAILED_REGISTERED_CAPABILITY as unknown as TRegistered;\n  }\n};\n"],"names":["FAILED_REGISTERED_CAPABILITY","Object","freeze","enabled","enable","disable","remove","createSafeCapabilityRegistration","config","strapi","capabilityType","name","createHandler","createFallbackHandler","createErrorResult","registerWithSdk","rawHandler","error","message","Error","String","log","safeHandler","wrapSafeHandler","toLowerCase"],"mappings":";;;;AAIA;;;;;AAKC,IACM,MAAMA,4BAAAA,GAAqDC,MAAAA,CAAOC,MAAM,CAAC;IAC9EC,OAAAA,EAAS,KAAA;IACTC,MAAAA,CAAAA,GAAAA,CAAU,CAAA;IACVC,OAAAA,CAAAA,GAAAA,CAAW,CAAA;IACXC,MAAAA,CAAAA,GAAAA,CAAU;AACZ,CAAA;AAeA;;;;;;;;;;;;IAaO,MAAMC,gCAAAA,GAAmC,CAC9CC,MAAAA,GAAAA;AAEA,IAAA,MAAM,EACJC,MAAM,EACNC,cAAc,EACdC,IAAI,EACJC,aAAa,EACbC,qBAAqB,EACrBC,iBAAiB,EACjBC,eAAe,EAChB,GAAGP,MAAAA;IAEJ,IAAI;;QAEF,IAAIQ,UAAAA;QAEJ,IAAI;AACFA,YAAAA,UAAAA,GAAaJ,aAAAA,CAAcH,MAAAA,CAAAA;AAC7B,QAAA,CAAA,CAAE,OAAOQ,KAAAA,EAAO;AACd,YAAA,MAAMC,UAAUD,KAAAA,YAAiBE,KAAAA,GAAQF,KAAAA,CAAMC,OAAO,GAAGE,MAAAA,CAAOH,KAAAA,CAAAA;AAChER,YAAAA,MAAAA,CAAOY,GAAG,CAACJ,KAAK,CACd,CAAC,MAAM,EAAEP,cAAAA,CAAe,EAAE,EAAEC,IAAAA,CAAK,+CAA+C,EAAEO,OAAAA,CAAAA,CAAS,CAAA;;AAI7FF,YAAAA,UAAAA,GAAaH,qBAAAA,CAAsBK,OAAAA,CAAAA;AACrC,QAAA;;QAGA,MAAMI,WAAAA,GAAcC,mCAAgBP,UAAAA,EAAwD;AAC1FP,YAAAA,MAAAA;AACAC,YAAAA,cAAAA;AACAC,YAAAA,IAAAA;AACAG,YAAAA;AACF,SAAA,CAAA;AAEA,QAAA,OAAOC,eAAAA,CAAgBO,WAAAA,CAAAA;AACzB,IAAA,CAAA,CAAE,OAAOL,KAAAA,EAAO;;AAEd,QAAA,MAAMC,UAAUD,KAAAA,YAAiBE,KAAAA,GAAQF,KAAAA,CAAMC,OAAO,GAAGE,MAAAA,CAAOH,KAAAA,CAAAA;AAChER,QAAAA,MAAAA,CAAOY,GAAG,CAACJ,KAAK,CACd,CAAC,yBAAyB,EAAEP,cAAAA,CAAec,WAAW,GAAG,EAAE,EAAEb,IAAAA,CAAK,mBAAmB,EAAEO,OAAAA,CAAAA,CAAS,CAAA;QAElG,OAAOlB,4BAAAA;AACT,IAAA;AACF;;;;;"}

package/dist/services/mcp/utils/createSafeCapabilityRegistration.mjs

@@ -0,0 +1,56 @@
+import { wrapSafeHandler } from './safeHandlerWrapper.mjs';
+
+/**
+ * A no-op registered capability used as fallback when SDK registration fails.
+ *
+ * This prevents one broken capability from aborting the entire registration loop.
+ * The capability will appear as "disabled" and cannot be enabled.
+ */ const FAILED_REGISTERED_CAPABILITY = Object.freeze({
+    enabled: false,
+    enable () {},
+    disable () {},
+    remove () {}
+});
+/**
+ * Creates a safe capability registration that protects Strapi core from user callback errors
+ * at three levels:
+ *
+ * - Level 1: Catch factory invocation errors (createHandler throws)
+ * - Level 2: Catch runtime execution errors (handler throws during invocation)
+ * - Level 3: Catch MCP SDK registration errors (SDK rejects the registration)
+ *
+ * This prevents one broken capability from:
+ * - Aborting the entire registration loop
+ * - Crashing the MCP server
+ * - Leaking unhandled errors to the user
+ */ const createSafeCapabilityRegistration = (config)=>{
+    const { strapi, capabilityType, name, createHandler, createFallbackHandler, createErrorResult, registerWithSdk } = config;
+    try {
+        // Level 1: Safe factory invocation — catch errors from user's createHandler
+        let rawHandler;
+        try {
+            rawHandler = createHandler(strapi);
+        } catch (error) {
+            const message = error instanceof Error ? error.message : String(error);
+            strapi.log.error(`[MCP] ${capabilityType} "${name}" handler factory threw during initialization: ${message}`);
+            // Substitute a fallback handler that always returns an error to the MCP client
+            rawHandler = createFallbackHandler(message);
+        }
+        // Level 2: Safe runtime wrapping — catch errors from user's handler during execution
+        const safeHandler = wrapSafeHandler(rawHandler, {
+            strapi,
+            capabilityType,
+            name,
+            createErrorResult
+        });
+        return registerWithSdk(safeHandler);
+    } catch (error) {
+        // Level 3: Catch MCP SDK registration errors — prevent one broken capability from aborting all others
+        const message = error instanceof Error ? error.message : String(error);
+        strapi.log.error(`[MCP] Failed to register ${capabilityType.toLowerCase()} "${name}" with MCP server: ${message}`);
+        return FAILED_REGISTERED_CAPABILITY;
+    }
+};
+
+export { FAILED_REGISTERED_CAPABILITY, createSafeCapabilityRegistration };
+//# sourceMappingURL=createSafeCapabilityRegistration.mjs.map

package/dist/services/mcp/utils/createSafeCapabilityRegistration.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"createSafeCapabilityRegistration.mjs","sources":["../../../../src/services/mcp/utils/createSafeCapabilityRegistration.ts"],"sourcesContent":["import type { Core } from '@strapi/types';\nimport type { RegisteredCapability } from '../internal/McpCapabilityRegistry';\nimport { wrapSafeHandler } from './safeHandlerWrapper';\n\n/**\n * A no-op registered capability used as fallback when SDK registration fails.\n *\n * This prevents one broken capability from aborting the entire registration loop.\n * The capability will appear as \"disabled\" and cannot be enabled.\n */\nexport const FAILED_REGISTERED_CAPABILITY: RegisteredCapability = Object.freeze({\n  enabled: false,\n  enable() {},\n  disable() {},\n  remove() {},\n});\n\n/**\n * Configuration for creating a safe capability registration\n */\nexport type SafeCapabilityRegistrationConfig<THandler, TErrorResult, TRegistered> = {\n  strapi: Core.Strapi;\n  capabilityType: string;\n  name: string;\n  createHandler: (strapi: Core.Strapi) => THandler;\n  createFallbackHandler: (errorMessage: string) => NoInfer<THandler>;\n  createErrorResult: (error: Error, args: unknown[]) => TErrorResult;\n  registerWithSdk: (safeHandler: THandler) => TRegistered;\n};\n\n/**\n * Creates a safe capability registration that protects Strapi core from user callback errors\n * at three levels:\n *\n * - Level 1: Catch factory invocation errors (createHandler throws)\n * - Level 2: Catch runtime execution errors (handler throws during invocation)\n * - Level 3: Catch MCP SDK registration errors (SDK rejects the registration)\n *\n * This prevents one broken capability from:\n * - Aborting the entire registration loop\n * - Crashing the MCP server\n * - Leaking unhandled errors to the user\n */\nexport const createSafeCapabilityRegistration = <THandler, TErrorResult, TRegistered>(\n  config: SafeCapabilityRegistrationConfig<THandler, TErrorResult, TRegistered>\n): TRegistered => {\n  const {\n    strapi,\n    capabilityType,\n    name,\n    createHandler,\n    createFallbackHandler,\n    createErrorResult,\n    registerWithSdk,\n  } = config;\n\n  try {\n    // Level 1: Safe factory invocation — catch errors from user's createHandler\n    let rawHandler: THandler;\n\n    try {\n      rawHandler = createHandler(strapi);\n    } catch (error) {\n      const message = error instanceof Error ? error.message : String(error);\n      strapi.log.error(\n        `[MCP] ${capabilityType} \"${name}\" handler factory threw during initialization: ${message}`\n      );\n\n      // Substitute a fallback handler that always returns an error to the MCP client\n      rawHandler = createFallbackHandler(message);\n    }\n\n    // Level 2: Safe runtime wrapping — catch errors from user's handler during execution\n    const safeHandler = wrapSafeHandler(rawHandler as (...args: unknown[]) => Promise<unknown>, {\n      strapi,\n      capabilityType,\n      name,\n      createErrorResult,\n    });\n\n    return registerWithSdk(safeHandler as THandler);\n  } catch (error) {\n    // Level 3: Catch MCP SDK registration errors — prevent one broken capability from aborting all others\n    const message = error instanceof Error ? error.message : String(error);\n    strapi.log.error(\n      `[MCP] Failed to register ${capabilityType.toLowerCase()} \"${name}\" with MCP server: ${message}`\n    );\n    return FAILED_REGISTERED_CAPABILITY as unknown as TRegistered;\n  }\n};\n"],"names":["FAILED_REGISTERED_CAPABILITY","Object","freeze","enabled","enable","disable","remove","createSafeCapabilityRegistration","config","strapi","capabilityType","name","createHandler","createFallbackHandler","createErrorResult","registerWithSdk","rawHandler","error","message","Error","String","log","safeHandler","wrapSafeHandler","toLowerCase"],"mappings":";;AAIA;;;;;AAKC,IACM,MAAMA,4BAAAA,GAAqDC,MAAAA,CAAOC,MAAM,CAAC;IAC9EC,OAAAA,EAAS,KAAA;IACTC,MAAAA,CAAAA,GAAAA,CAAU,CAAA;IACVC,OAAAA,CAAAA,GAAAA,CAAW,CAAA;IACXC,MAAAA,CAAAA,GAAAA,CAAU;AACZ,CAAA;AAeA;;;;;;;;;;;;IAaO,MAAMC,gCAAAA,GAAmC,CAC9CC,MAAAA,GAAAA;AAEA,IAAA,MAAM,EACJC,MAAM,EACNC,cAAc,EACdC,IAAI,EACJC,aAAa,EACbC,qBAAqB,EACrBC,iBAAiB,EACjBC,eAAe,EAChB,GAAGP,MAAAA;IAEJ,IAAI;;QAEF,IAAIQ,UAAAA;QAEJ,IAAI;AACFA,YAAAA,UAAAA,GAAaJ,aAAAA,CAAcH,MAAAA,CAAAA;AAC7B,QAAA,CAAA,CAAE,OAAOQ,KAAAA,EAAO;AACd,YAAA,MAAMC,UAAUD,KAAAA,YAAiBE,KAAAA,GAAQF,KAAAA,CAAMC,OAAO,GAAGE,MAAAA,CAAOH,KAAAA,CAAAA;AAChER,YAAAA,MAAAA,CAAOY,GAAG,CAACJ,KAAK,CACd,CAAC,MAAM,EAAEP,cAAAA,CAAe,EAAE,EAAEC,IAAAA,CAAK,+CAA+C,EAAEO,OAAAA,CAAAA,CAAS,CAAA;;AAI7FF,YAAAA,UAAAA,GAAaH,qBAAAA,CAAsBK,OAAAA,CAAAA;AACrC,QAAA;;QAGA,MAAMI,WAAAA,GAAcC,gBAAgBP,UAAAA,EAAwD;AAC1FP,YAAAA,MAAAA;AACAC,YAAAA,cAAAA;AACAC,YAAAA,IAAAA;AACAG,YAAAA;AACF,SAAA,CAAA;AAEA,QAAA,OAAOC,eAAAA,CAAgBO,WAAAA,CAAAA;AACzB,IAAA,CAAA,CAAE,OAAOL,KAAAA,EAAO;;AAEd,QAAA,MAAMC,UAAUD,KAAAA,YAAiBE,KAAAA,GAAQF,KAAAA,CAAMC,OAAO,GAAGE,MAAAA,CAAOH,KAAAA,CAAAA;AAChER,QAAAA,MAAAA,CAAOY,GAAG,CAACJ,KAAK,CACd,CAAC,yBAAyB,EAAEP,cAAAA,CAAec,WAAW,GAAG,EAAE,EAAEb,IAAAA,CAAK,mBAAmB,EAAEO,OAAAA,CAAAA,CAAS,CAAA;QAElG,OAAOlB,4BAAAA;AACT,IAAA;AACF;;;;"}

package/dist/services/mcp/utils/jsonRpcErrors.d.ts

@@ -0,0 +1,22 @@
+/**
+ * JSON-RPC error codes and messages
+ * @see https://json-rpc.dev/docs/reference/error-codes
+ */
+export declare const JSON_RPC_ERRORS: {
+    readonly INTERNAL_ERROR: {
+        readonly code: -32603;
+        readonly message: "Internal error";
+        readonly httpStatus: 500;
+    };
+    readonly AUTHENTICATION_REQUIRED: {
+        readonly code: -32000;
+        readonly message: "Authentication required";
+        readonly httpStatus: 401;
+    };
+    readonly METHOD_NOT_ALLOWED: {
+        readonly code: -32601;
+        readonly message: "Method not allowed";
+        readonly httpStatus: 405;
+    };
+};
+//# sourceMappingURL=jsonRpcErrors.d.ts.map

package/dist/services/mcp/utils/jsonRpcErrors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"jsonRpcErrors.d.ts","sourceRoot":"","sources":["../../../../src/services/mcp/utils/jsonRpcErrors.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,eAAO,MAAM,eAAe;;;;;;;;;;;;;;;;CAgBlB,CAAC"}

package/dist/services/mcp/utils/jsonRpcErrors.js

@@ -0,0 +1,25 @@
+'use strict';
+
+/**
+ * JSON-RPC error codes and messages
+ * @see https://json-rpc.dev/docs/reference/error-codes
+ */ const JSON_RPC_ERRORS = {
+    INTERNAL_ERROR: {
+        code: -32603,
+        message: 'Internal error',
+        httpStatus: 500
+    },
+    AUTHENTICATION_REQUIRED: {
+        code: -32e3,
+        message: 'Authentication required',
+        httpStatus: 401
+    },
+    METHOD_NOT_ALLOWED: {
+        code: -32601,
+        message: 'Method not allowed',
+        httpStatus: 405
+    }
+};
+
+exports.JSON_RPC_ERRORS = JSON_RPC_ERRORS;
+//# sourceMappingURL=jsonRpcErrors.js.map

package/dist/services/mcp/utils/jsonRpcErrors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jsonRpcErrors.js","sources":["../../../../src/services/mcp/utils/jsonRpcErrors.ts"],"sourcesContent":["/**\n * JSON-RPC error codes and messages\n * @see https://json-rpc.dev/docs/reference/error-codes\n */\nexport const JSON_RPC_ERRORS = {\n  INTERNAL_ERROR: {\n    code: -32603, // \tInternal error\n    message: 'Internal error',\n    httpStatus: 500,\n  },\n  AUTHENTICATION_REQUIRED: {\n    code: -32000, // Server error\n    message: 'Authentication required',\n    httpStatus: 401,\n  },\n  METHOD_NOT_ALLOWED: {\n    code: -32601, // Method not found\n    message: 'Method not allowed',\n    httpStatus: 405,\n  },\n} as const;\n"],"names":["JSON_RPC_ERRORS","INTERNAL_ERROR","code","message","httpStatus","AUTHENTICATION_REQUIRED","METHOD_NOT_ALLOWED"],"mappings":";;AAAA;;;UAIaA,eAAAA,GAAkB;IAC7BC,cAAAA,EAAgB;AACdC,QAAAA,IAAAA,EAAM,MAAC;QACPC,OAAAA,EAAS,gBAAA;QACTC,UAAAA,EAAY;AACd,KAAA;IACAC,uBAAAA,EAAyB;AACvBH,QAAAA,IAAAA,EAAM,KAAC;QACPC,OAAAA,EAAS,yBAAA;QACTC,UAAAA,EAAY;AACd,KAAA;IACAE,kBAAAA,EAAoB;AAClBJ,QAAAA,IAAAA,EAAM,MAAC;QACPC,OAAAA,EAAS,oBAAA;QACTC,UAAAA,EAAY;AACd;AACF;;;;"}

package/dist/services/mcp/utils/jsonRpcErrors.mjs

@@ -0,0 +1,23 @@
+/**
+ * JSON-RPC error codes and messages
+ * @see https://json-rpc.dev/docs/reference/error-codes
+ */ const JSON_RPC_ERRORS = {
+    INTERNAL_ERROR: {
+        code: -32603,
+        message: 'Internal error',
+        httpStatus: 500
+    },
+    AUTHENTICATION_REQUIRED: {
+        code: -32e3,
+        message: 'Authentication required',
+        httpStatus: 401
+    },
+    METHOD_NOT_ALLOWED: {
+        code: -32601,
+        message: 'Method not allowed',
+        httpStatus: 405
+    }
+};
+
+export { JSON_RPC_ERRORS };
+//# sourceMappingURL=jsonRpcErrors.mjs.map

package/dist/services/mcp/utils/jsonRpcErrors.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"jsonRpcErrors.mjs","sources":["../../../../src/services/mcp/utils/jsonRpcErrors.ts"],"sourcesContent":["/**\n * JSON-RPC error codes and messages\n * @see https://json-rpc.dev/docs/reference/error-codes\n */\nexport const JSON_RPC_ERRORS = {\n  INTERNAL_ERROR: {\n    code: -32603, // \tInternal error\n    message: 'Internal error',\n    httpStatus: 500,\n  },\n  AUTHENTICATION_REQUIRED: {\n    code: -32000, // Server error\n    message: 'Authentication required',\n    httpStatus: 401,\n  },\n  METHOD_NOT_ALLOWED: {\n    code: -32601, // Method not found\n    message: 'Method not allowed',\n    httpStatus: 405,\n  },\n} as const;\n"],"names":["JSON_RPC_ERRORS","INTERNAL_ERROR","code","message","httpStatus","AUTHENTICATION_REQUIRED","METHOD_NOT_ALLOWED"],"mappings":"AAAA;;;UAIaA,eAAAA,GAAkB;IAC7BC,cAAAA,EAAgB;AACdC,QAAAA,IAAAA,EAAM,MAAC;QACPC,OAAAA,EAAS,gBAAA;QACTC,UAAAA,EAAY;AACd,KAAA;IACAC,uBAAAA,EAAyB;AACvBH,QAAAA,IAAAA,EAAM,KAAC;QACPC,OAAAA,EAAS,yBAAA;QACTC,UAAAA,EAAY;AACd,KAAA;IACAE,kBAAAA,EAAoB;AAClBJ,QAAAA,IAAAA,EAAM,MAAC;QACPC,OAAAA,EAAS,oBAAA;QACTC,UAAAA,EAAY;AACd;AACF;;;;"}

package/dist/services/mcp/utils/safeHandlerWrapper.d.ts

@@ -0,0 +1,18 @@
+import type { Core } from '@strapi/types';
+/**
+ * Wraps an MCP capability handler to catch and log errors from user-provided callbacks.
+ *
+ * This prevents externally-registered capabilities (from plugin developers)
+ * from crashing Strapi core when they throw during execution.
+ *
+ * Errors are:
+ * - Logged with full detail (message + stack) via Strapi's logger
+ * - Returned to the MCP client as a safe error response (no stack trace leak)
+ */
+export declare const wrapSafeHandler: <TArgs extends unknown[], TResult>(handler: (...args: TArgs) => Promise<TResult>, options: {
+    strapi: Core.Strapi;
+    capabilityType: string;
+    name: string;
+    createErrorResult: (error: Error, args: TArgs) => TResult;
+}) => ((...args: TArgs) => Promise<TResult>);
+//# sourceMappingURL=safeHandlerWrapper.d.ts.map

package/dist/services/mcp/utils/safeHandlerWrapper.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"safeHandlerWrapper.d.ts","sourceRoot":"","sources":["../../../../src/services/mcp/utils/safeHandlerWrapper.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAE1C;;;;;;;;;GASG;AACH,eAAO,MAAM,eAAe,8CACjB,CAAC,GAAG,IAAI,EAAE,KAAK,KAAK,QAAQ,OAAO,CAAC,WACpC;IACP,MAAM,EAAE,KAAK,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,iBAAiB,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,KAAK,OAAO,CAAC;CAC3D,KACA,CAAC,CAAC,GAAG,IAAI,EAAE,KAAK,KAAK,QAAQ,OAAO,CAAC,CAoBvC,CAAC"}

package/dist/services/mcp/utils/safeHandlerWrapper.js

@@ -0,0 +1,29 @@
+'use strict';
+
+/**
+ * Wraps an MCP capability handler to catch and log errors from user-provided callbacks.
+ *
+ * This prevents externally-registered capabilities (from plugin developers)
+ * from crashing Strapi core when they throw during execution.
+ *
+ * Errors are:
+ * - Logged with full detail (message + stack) via Strapi's logger
+ * - Returned to the MCP client as a safe error response (no stack trace leak)
+ */ const wrapSafeHandler = (handler, options)=>{
+    const { strapi, capabilityType, name, createErrorResult } = options;
+    return async (...args)=>{
+        try {
+            return await handler(...args);
+        } catch (error) {
+            const normalized = error instanceof Error ? error : new Error(String(error));
+            strapi.log.error(`[MCP] ${capabilityType} "${name}" threw an error during execution: ${normalized.message}`, {
+                error: normalized.message,
+                stack: normalized.stack
+            });
+            return createErrorResult(normalized, args);
+        }
+    };
+};
+
+exports.wrapSafeHandler = wrapSafeHandler;
+//# sourceMappingURL=safeHandlerWrapper.js.map

package/dist/services/mcp/utils/safeHandlerWrapper.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"safeHandlerWrapper.js","sources":["../../../../src/services/mcp/utils/safeHandlerWrapper.ts"],"sourcesContent":["import type { Core } from '@strapi/types';\n\n/**\n * Wraps an MCP capability handler to catch and log errors from user-provided callbacks.\n *\n * This prevents externally-registered capabilities (from plugin developers)\n * from crashing Strapi core when they throw during execution.\n *\n * Errors are:\n * - Logged with full detail (message + stack) via Strapi's logger\n * - Returned to the MCP client as a safe error response (no stack trace leak)\n */\nexport const wrapSafeHandler = <TArgs extends unknown[], TResult>(\n  handler: (...args: TArgs) => Promise<TResult>,\n  options: {\n    strapi: Core.Strapi;\n    capabilityType: string;\n    name: string;\n    createErrorResult: (error: Error, args: TArgs) => TResult;\n  }\n): ((...args: TArgs) => Promise<TResult>) => {\n  const { strapi, capabilityType, name, createErrorResult } = options;\n\n  return async (...args: TArgs): Promise<TResult> => {\n    try {\n      return await handler(...args);\n    } catch (error) {\n      const normalized = error instanceof Error ? error : new Error(String(error));\n\n      strapi.log.error(\n        `[MCP] ${capabilityType} \"${name}\" threw an error during execution: ${normalized.message}`,\n        {\n          error: normalized.message,\n          stack: normalized.stack,\n        }\n      );\n\n      return createErrorResult(normalized, args);\n    }\n  };\n};\n"],"names":["wrapSafeHandler","handler","options","strapi","capabilityType","name","createErrorResult","args","error","normalized","Error","String","log","message","stack"],"mappings":";;AAEA;;;;;;;;;AASC,IACM,MAAMA,eAAAA,GAAkB,CAC7BC,OAAAA,EACAC,OAAAA,GAAAA;IAOA,MAAM,EAAEC,MAAM,EAAEC,cAAc,EAAEC,IAAI,EAAEC,iBAAiB,EAAE,GAAGJ,OAAAA;AAE5D,IAAA,OAAO,OAAO,GAAGK,IAAAA,GAAAA;QACf,IAAI;AACF,YAAA,OAAO,MAAMN,OAAAA,CAAAA,GAAWM,IAAAA,CAAAA;AAC1B,QAAA,CAAA,CAAE,OAAOC,KAAAA,EAAO;AACd,YAAA,MAAMC,aAAaD,KAAAA,YAAiBE,KAAAA,GAAQF,KAAAA,GAAQ,IAAIE,MAAMC,MAAAA,CAAOH,KAAAA,CAAAA,CAAAA;AAErEL,YAAAA,MAAAA,CAAOS,GAAG,CAACJ,KAAK,CACd,CAAC,MAAM,EAAEJ,cAAAA,CAAe,EAAE,EAAEC,KAAK,mCAAmC,EAAEI,UAAAA,CAAWI,OAAO,EAAE,EAC1F;AACEL,gBAAAA,KAAAA,EAAOC,WAAWI,OAAO;AACzBC,gBAAAA,KAAAA,EAAOL,WAAWK;AACpB,aAAA,CAAA;AAGF,YAAA,OAAOR,kBAAkBG,UAAAA,EAAYF,IAAAA,CAAAA;AACvC,QAAA;AACF,IAAA,CAAA;AACF;;;;"}

package/dist/services/mcp/utils/safeHandlerWrapper.mjs

@@ -0,0 +1,27 @@
+/**
+ * Wraps an MCP capability handler to catch and log errors from user-provided callbacks.
+ *
+ * This prevents externally-registered capabilities (from plugin developers)
+ * from crashing Strapi core when they throw during execution.
+ *
+ * Errors are:
+ * - Logged with full detail (message + stack) via Strapi's logger
+ * - Returned to the MCP client as a safe error response (no stack trace leak)
+ */ const wrapSafeHandler = (handler, options)=>{
+    const { strapi, capabilityType, name, createErrorResult } = options;
+    return async (...args)=>{
+        try {
+            return await handler(...args);
+        } catch (error) {
+            const normalized = error instanceof Error ? error : new Error(String(error));
+            strapi.log.error(`[MCP] ${capabilityType} "${name}" threw an error during execution: ${normalized.message}`, {
+                error: normalized.message,
+                stack: normalized.stack
+            });
+            return createErrorResult(normalized, args);
+        }
+    };
+};
+
+export { wrapSafeHandler };
+//# sourceMappingURL=safeHandlerWrapper.mjs.map

package/dist/services/mcp/utils/safeHandlerWrapper.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"safeHandlerWrapper.mjs","sources":["../../../../src/services/mcp/utils/safeHandlerWrapper.ts"],"sourcesContent":["import type { Core } from '@strapi/types';\n\n/**\n * Wraps an MCP capability handler to catch and log errors from user-provided callbacks.\n *\n * This prevents externally-registered capabilities (from plugin developers)\n * from crashing Strapi core when they throw during execution.\n *\n * Errors are:\n * - Logged with full detail (message + stack) via Strapi's logger\n * - Returned to the MCP client as a safe error response (no stack trace leak)\n */\nexport const wrapSafeHandler = <TArgs extends unknown[], TResult>(\n  handler: (...args: TArgs) => Promise<TResult>,\n  options: {\n    strapi: Core.Strapi;\n    capabilityType: string;\n    name: string;\n    createErrorResult: (error: Error, args: TArgs) => TResult;\n  }\n): ((...args: TArgs) => Promise<TResult>) => {\n  const { strapi, capabilityType, name, createErrorResult } = options;\n\n  return async (...args: TArgs): Promise<TResult> => {\n    try {\n      return await handler(...args);\n    } catch (error) {\n      const normalized = error instanceof Error ? error : new Error(String(error));\n\n      strapi.log.error(\n        `[MCP] ${capabilityType} \"${name}\" threw an error during execution: ${normalized.message}`,\n        {\n          error: normalized.message,\n          stack: normalized.stack,\n        }\n      );\n\n      return createErrorResult(normalized, args);\n    }\n  };\n};\n"],"names":["wrapSafeHandler","handler","options","strapi","capabilityType","name","createErrorResult","args","error","normalized","Error","String","log","message","stack"],"mappings":"AAEA;;;;;;;;;AASC,IACM,MAAMA,eAAAA,GAAkB,CAC7BC,OAAAA,EACAC,OAAAA,GAAAA;IAOA,MAAM,EAAEC,MAAM,EAAEC,cAAc,EAAEC,IAAI,EAAEC,iBAAiB,EAAE,GAAGJ,OAAAA;AAE5D,IAAA,OAAO,OAAO,GAAGK,IAAAA,GAAAA;QACf,IAAI;AACF,YAAA,OAAO,MAAMN,OAAAA,CAAAA,GAAWM,IAAAA,CAAAA;AAC1B,QAAA,CAAA,CAAE,OAAOC,KAAAA,EAAO;AACd,YAAA,MAAMC,aAAaD,KAAAA,YAAiBE,KAAAA,GAAQF,KAAAA,GAAQ,IAAIE,MAAMC,MAAAA,CAAOH,KAAAA,CAAAA,CAAAA;AAErEL,YAAAA,MAAAA,CAAOS,GAAG,CAACJ,KAAK,CACd,CAAC,MAAM,EAAEJ,cAAAA,CAAe,EAAE,EAAEC,KAAK,mCAAmC,EAAEI,UAAAA,CAAWI,OAAO,EAAE,EAC1F;AACEL,gBAAAA,KAAAA,EAAOC,WAAWI,OAAO;AACzBC,gBAAAA,KAAAA,EAAOL,WAAWK;AACpB,aAAA,CAAA;AAGF,YAAA,OAAOR,kBAAkBG,UAAAA,EAAYF,IAAAA,CAAAA;AACvC,QAAA;AACF,IAAA,CAAA;AACF;;;;"}

package/dist/services/mcp/utils/sendJsonRpcError.d.ts

@@ -0,0 +1,5 @@
+/// <reference types="node" />
+import type { ServerResponse } from 'node:http';
+import { JSON_RPC_ERRORS } from './jsonRpcErrors';
+export declare const sendJsonRpcError: (res: ServerResponse, errorKey: keyof typeof JSON_RPC_ERRORS, customMessage?: string) => void;
+//# sourceMappingURL=sendJsonRpcError.d.ts.map

package/dist/services/mcp/utils/sendJsonRpcError.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sendJsonRpcError.d.ts","sourceRoot":"","sources":["../../../../src/services/mcp/utils/sendJsonRpcError.ts"],"names":[],"mappings":";AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAChD,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAElD,eAAO,MAAM,gBAAgB,QACtB,cAAc,YACT,MAAM,sBAAsB,kBACtB,MAAM,KACrB,IAaF,CAAC"}

package/dist/services/mcp/utils/sendJsonRpcError.js

@@ -0,0 +1,23 @@
+'use strict';
+
+var jsonRpcErrors = require('./jsonRpcErrors.js');
+
+const sendJsonRpcError = (res, errorKey, customMessage)=>{
+    if (res.headersSent === false) {
+        const { code, message, httpStatus } = jsonRpcErrors.JSON_RPC_ERRORS[errorKey];
+        res.writeHead(httpStatus, {
+            'Content-Type': 'application/json'
+        });
+        res.end(JSON.stringify({
+            jsonrpc: '2.0',
+            error: {
+                code,
+                message: message
+            },
+            id: null
+        }));
+    }
+};
+
+exports.sendJsonRpcError = sendJsonRpcError;
+//# sourceMappingURL=sendJsonRpcError.js.map

package/dist/services/mcp/utils/sendJsonRpcError.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sendJsonRpcError.js","sources":["../../../../src/services/mcp/utils/sendJsonRpcError.ts"],"sourcesContent":["import type { ServerResponse } from 'node:http';\nimport { JSON_RPC_ERRORS } from './jsonRpcErrors';\n\nexport const sendJsonRpcError = (\n  res: ServerResponse,\n  errorKey: keyof typeof JSON_RPC_ERRORS,\n  customMessage?: string\n): void => {\n  if (res.headersSent === false) {\n    const { code, message, httpStatus } = JSON_RPC_ERRORS[errorKey];\n\n    res.writeHead(httpStatus, { 'Content-Type': 'application/json' });\n    res.end(\n      JSON.stringify({\n        jsonrpc: '2.0',\n        error: { code, message: customMessage ?? message },\n        id: null,\n      })\n    );\n  }\n};\n"],"names":["sendJsonRpcError","res","errorKey","customMessage","headersSent","code","message","httpStatus","JSON_RPC_ERRORS","writeHead","end","JSON","stringify","jsonrpc","error","id"],"mappings":";;;;AAGO,MAAMA,gBAAAA,GAAmB,CAC9BC,GAAAA,EACAC,QAAAA,EACAC,aAAAA,GAAAA;IAEA,IAAIF,GAAAA,CAAIG,WAAW,KAAK,KAAA,EAAO;QAC7B,MAAM,EAAEC,IAAI,EAAEC,OAAO,EAAEC,UAAU,EAAE,GAAGC,6BAAe,CAACN,QAAAA,CAAS;QAE/DD,GAAAA,CAAIQ,SAAS,CAACF,UAAAA,EAAY;YAAE,cAAA,EAAgB;AAAmB,SAAA,CAAA;AAC/DN,QAAAA,GAAAA,CAAIS,GAAG,CACLC,IAAAA,CAAKC,SAAS,CAAC;YACbC,OAAAA,EAAS,KAAA;YACTC,KAAAA,EAAO;AAAET,gBAAAA,IAAAA;AAAMC,gBAAAA,OAAAA,EAA0BA;AAAQ,aAAA;YACjDS,EAAAA,EAAI;AACN,SAAA,CAAA,CAAA;AAEJ,IAAA;AACF;;;;"}

package/dist/services/mcp/utils/sendJsonRpcError.mjs

@@ -0,0 +1,21 @@
+import { JSON_RPC_ERRORS } from './jsonRpcErrors.mjs';
+
+const sendJsonRpcError = (res, errorKey, customMessage)=>{
+    if (res.headersSent === false) {
+        const { code, message, httpStatus } = JSON_RPC_ERRORS[errorKey];
+        res.writeHead(httpStatus, {
+            'Content-Type': 'application/json'
+        });
+        res.end(JSON.stringify({
+            jsonrpc: '2.0',
+            error: {
+                code,
+                message: message
+            },
+            id: null
+        }));
+    }
+};
+
+export { sendJsonRpcError };
+//# sourceMappingURL=sendJsonRpcError.mjs.map

package/dist/services/mcp/utils/sendJsonRpcError.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"sendJsonRpcError.mjs","sources":["../../../../src/services/mcp/utils/sendJsonRpcError.ts"],"sourcesContent":["import type { ServerResponse } from 'node:http';\nimport { JSON_RPC_ERRORS } from './jsonRpcErrors';\n\nexport const sendJsonRpcError = (\n  res: ServerResponse,\n  errorKey: keyof typeof JSON_RPC_ERRORS,\n  customMessage?: string\n): void => {\n  if (res.headersSent === false) {\n    const { code, message, httpStatus } = JSON_RPC_ERRORS[errorKey];\n\n    res.writeHead(httpStatus, { 'Content-Type': 'application/json' });\n    res.end(\n      JSON.stringify({\n        jsonrpc: '2.0',\n        error: { code, message: customMessage ?? message },\n        id: null,\n      })\n    );\n  }\n};\n"],"names":["sendJsonRpcError","res","errorKey","customMessage","headersSent","code","message","httpStatus","JSON_RPC_ERRORS","writeHead","end","JSON","stringify","jsonrpc","error","id"],"mappings":";;AAGO,MAAMA,gBAAAA,GAAmB,CAC9BC,GAAAA,EACAC,QAAAA,EACAC,aAAAA,GAAAA;IAEA,IAAIF,GAAAA,CAAIG,WAAW,KAAK,KAAA,EAAO;QAC7B,MAAM,EAAEC,IAAI,EAAEC,OAAO,EAAEC,UAAU,EAAE,GAAGC,eAAe,CAACN,QAAAA,CAAS;QAE/DD,GAAAA,CAAIQ,SAAS,CAACF,UAAAA,EAAY;YAAE,cAAA,EAAgB;AAAmB,SAAA,CAAA;AAC/DN,QAAAA,GAAAA,CAAIS,GAAG,CACLC,IAAAA,CAAKC,SAAS,CAAC;YACbC,OAAAA,EAAS,KAAA;YACTC,KAAAA,EAAO;AAAET,gBAAAA,IAAAA;AAAMC,gBAAAA,OAAAA,EAA0BA;AAAQ,aAAA;YACjDS,EAAAA,EAAI;AACN,SAAA,CAAA,CAAA;AAEJ,IAAA;AACF;;;;"}

package/dist/services/mcp/utils/withTimeout.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Wraps a promise with a timeout to prevent hanging operations.
+ * The internal timer is always cleared once the race settles, preventing
+ * ref'd timer handles from keeping the event loop alive after the operation completes.
+ */
+export declare const withTimeout: <T>(promise: Promise<T>, timeoutMs: number, operation: string) => Promise<T>;
+//# sourceMappingURL=withTimeout.d.ts.map

package/dist/services/mcp/utils/withTimeout.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"withTimeout.d.ts","sourceRoot":"","sources":["../../../../src/services/mcp/utils/withTimeout.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,eAAO,MAAM,WAAW,eACb,QAAQ,CAAC,CAAC,aACR,MAAM,aACN,MAAM,KAChB,QAAQ,CAAC,CAYX,CAAC"}

package/dist/services/mcp/utils/withTimeout.js

@@ -0,0 +1,23 @@
+'use strict';
+
+/**
+ * Wraps a promise with a timeout to prevent hanging operations.
+ * The internal timer is always cleared once the race settles, preventing
+ * ref'd timer handles from keeping the event loop alive after the operation completes.
+ */ const withTimeout = (promise, timeoutMs, operation)=>{
+    let timeoutId;
+    const timeoutPromise = new Promise((_, reject)=>{
+        timeoutId = setTimeout(()=>{
+            reject(new Error(`Operation '${operation}' timed out after ${timeoutMs}ms`));
+        }, timeoutMs);
+    });
+    return Promise.race([
+        promise,
+        timeoutPromise
+    ]).finally(()=>{
+        clearTimeout(timeoutId);
+    });
+};
+
+exports.withTimeout = withTimeout;
+//# sourceMappingURL=withTimeout.js.map

package/dist/services/mcp/utils/withTimeout.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"withTimeout.js","sources":["../../../../src/services/mcp/utils/withTimeout.ts"],"sourcesContent":["/**\n * Wraps a promise with a timeout to prevent hanging operations.\n * The internal timer is always cleared once the race settles, preventing\n * ref'd timer handles from keeping the event loop alive after the operation completes.\n */\nexport const withTimeout = <T>(\n  promise: Promise<T>,\n  timeoutMs: number,\n  operation: string\n): Promise<T> => {\n  let timeoutId: ReturnType<typeof setTimeout>;\n\n  const timeoutPromise = new Promise<T>((_, reject) => {\n    timeoutId = setTimeout(() => {\n      reject(new Error(`Operation '${operation}' timed out after ${timeoutMs}ms`));\n    }, timeoutMs);\n  });\n\n  return Promise.race([promise, timeoutPromise]).finally(() => {\n    clearTimeout(timeoutId);\n  });\n};\n"],"names":["withTimeout","promise","timeoutMs","operation","timeoutId","timeoutPromise","Promise","_","reject","setTimeout","Error","race","finally","clearTimeout"],"mappings":";;AAAA;;;;AAIC,IACM,MAAMA,WAAAA,GAAc,CACzBC,SACAC,SAAAA,EACAC,SAAAA,GAAAA;IAEA,IAAIC,SAAAA;AAEJ,IAAA,MAAMC,cAAAA,GAAiB,IAAIC,OAAAA,CAAW,CAACC,CAAAA,EAAGC,MAAAA,GAAAA;AACxCJ,QAAAA,SAAAA,GAAYK,UAAAA,CAAW,IAAA;YACrBD,MAAAA,CAAO,IAAIE,KAAAA,CAAM,CAAC,WAAW,EAAEP,UAAU,kBAAkB,EAAED,SAAAA,CAAU,EAAE,CAAC,CAAA,CAAA;QAC5E,CAAA,EAAGA,SAAAA,CAAAA;AACL,IAAA,CAAA,CAAA;IAEA,OAAOI,OAAAA,CAAQK,IAAI,CAAC;AAACV,QAAAA,OAAAA;AAASI,QAAAA;AAAe,KAAA,CAAA,CAAEO,OAAO,CAAC,IAAA;QACrDC,YAAAA,CAAaT,SAAAA,CAAAA;AACf,IAAA,CAAA,CAAA;AACF;;;;"}

package/dist/services/mcp/utils/withTimeout.mjs

@@ -0,0 +1,21 @@
+/**
+ * Wraps a promise with a timeout to prevent hanging operations.
+ * The internal timer is always cleared once the race settles, preventing
+ * ref'd timer handles from keeping the event loop alive after the operation completes.
+ */ const withTimeout = (promise, timeoutMs, operation)=>{
+    let timeoutId;
+    const timeoutPromise = new Promise((_, reject)=>{
+        timeoutId = setTimeout(()=>{
+            reject(new Error(`Operation '${operation}' timed out after ${timeoutMs}ms`));
+        }, timeoutMs);
+    });
+    return Promise.race([
+        promise,
+        timeoutPromise
+    ]).finally(()=>{
+        clearTimeout(timeoutId);
+    });
+};
+
+export { withTimeout };
+//# sourceMappingURL=withTimeout.mjs.map

package/dist/services/mcp/utils/withTimeout.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"withTimeout.mjs","sources":["../../../../src/services/mcp/utils/withTimeout.ts"],"sourcesContent":["/**\n * Wraps a promise with a timeout to prevent hanging operations.\n * The internal timer is always cleared once the race settles, preventing\n * ref'd timer handles from keeping the event loop alive after the operation completes.\n */\nexport const withTimeout = <T>(\n  promise: Promise<T>,\n  timeoutMs: number,\n  operation: string\n): Promise<T> => {\n  let timeoutId: ReturnType<typeof setTimeout>;\n\n  const timeoutPromise = new Promise<T>((_, reject) => {\n    timeoutId = setTimeout(() => {\n      reject(new Error(`Operation '${operation}' timed out after ${timeoutMs}ms`));\n    }, timeoutMs);\n  });\n\n  return Promise.race([promise, timeoutPromise]).finally(() => {\n    clearTimeout(timeoutId);\n  });\n};\n"],"names":["withTimeout","promise","timeoutMs","operation","timeoutId","timeoutPromise","Promise","_","reject","setTimeout","Error","race","finally","clearTimeout"],"mappings":"AAAA;;;;AAIC,IACM,MAAMA,WAAAA,GAAc,CACzBC,SACAC,SAAAA,EACAC,SAAAA,GAAAA;IAEA,IAAIC,SAAAA;AAEJ,IAAA,MAAMC,cAAAA,GAAiB,IAAIC,OAAAA,CAAW,CAACC,CAAAA,EAAGC,MAAAA,GAAAA;AACxCJ,QAAAA,SAAAA,GAAYK,UAAAA,CAAW,IAAA;YACrBD,MAAAA,CAAO,IAAIE,KAAAA,CAAM,CAAC,WAAW,EAAEP,UAAU,kBAAkB,EAAED,SAAAA,CAAU,EAAE,CAAC,CAAA,CAAA;QAC5E,CAAA,EAAGA,SAAAA,CAAAA;AACL,IAAA,CAAA,CAAA;IAEA,OAAOI,OAAAA,CAAQK,IAAI,CAAC;AAACV,QAAAA,OAAAA;AAASI,QAAAA;AAAe,KAAA,CAAA,CAAEO,OAAO,CAAC,IAAA;QACrDC,YAAAA,CAAaT,SAAAA,CAAAA;AACf,IAAA,CAAA,CAAA;AACF;;;;"}

package/dist/services/metrics/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/services/metrics/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAe1C,QAAA,MAAM,uBAAuB,WAAY,KAAK,MAAM;;;;gBA6B9B,MAAM,YAAW,OAAO,MAAM,EAAE,OAAO,CAAC;;CAS7D,CAAC;AAEF,eAAe,uBAAuB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/services/metrics/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AAiB1C,QAAA,MAAM,uBAAuB,WAAY,KAAK,MAAM;;;;gBA6B9B,MAAM,YAAW,OAAO,MAAM,EAAE,OAAO,CAAC;;CAS7D,CAAC;AAEF,eAAe,uBAAuB,CAAC"}

package/dist/services/metrics/index.js

@@ -4,13 +4,15 @@ var rateLimiter = require('./rate-limiter.js');
 var sender = require('./sender.js');
 var middleware = require('./middleware.js');
 var isTruthy = require('./is-truthy.js');
+var metrics = require('../mcp/metrics/metrics.js');
 
 const LIMITED_EVENTS = [
     'didSaveMediaWithAlternativeText',
     'didSaveMediaWithCaption',
     'didDisableResponsiveDimensions',
     'didEnableResponsiveDimensions',
-    'didInitializePluginUpload'
+    'didInitializePluginUpload',
+    ...Object.values(metrics.MCP_LIMITED_TELEMETRY_EVENTS)
 ];
 const createTelemetryInstance = (strapi)=>{
     const uuid = strapi.config.get('uuid');

package/dist/services/metrics/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sources":["../../../src/services/metrics/index.ts"],"sourcesContent":["/**\n * Strapi telemetry package.\n * You can learn more at https://docs.strapi.io/developer-docs/latest/getting-started/usage-information.html\n */\n\nimport type { Core } from '@strapi/types';\n\nimport wrapWithRateLimit from './rate-limiter';\nimport createSender from './sender';\nimport createMiddleware from './middleware';\nimport isTruthy from './is-truthy';\n\nconst LIMITED_EVENTS = [\n  'didSaveMediaWithAlternativeText',\n  'didSaveMediaWithCaption',\n  'didDisableResponsiveDimensions',\n  'didEnableResponsiveDimensions',\n  'didInitializePluginUpload',\n];\n\nconst createTelemetryInstance = (strapi: Core.Strapi) => {\n  const uuid = strapi.config.get('uuid');\n  const telemetryDisabled = strapi.config.get('packageJsonStrapi.telemetryDisabled');\n  const isDisabled =\n    !uuid || isTruthy(process.env.STRAPI_TELEMETRY_DISABLED) || isTruthy(telemetryDisabled);\n\n  const sender = createSender(strapi);\n  const sendEvent = wrapWithRateLimit(sender, { limitedEvents: LIMITED_EVENTS });\n\n  return {\n    get isDisabled() {\n      return isDisabled;\n    },\n\n    register() {\n      if (!isDisabled) {\n        strapi.cron.add({\n          sendPingEvent: {\n            task: () => sendEvent('ping'),\n            options: '0 0 12 * * *',\n          },\n        });\n\n        strapi.server.use(createMiddleware({ sendEvent, strapi }));\n      }\n    },\n\n    bootstrap() {},\n\n    async send(event: string, payload: Record<string, unknown> = {}) {\n      if (isDisabled) return true;\n      return sendEvent(event, payload);\n    },\n\n    destroy() {\n      // Clean up resources if needed\n    },\n  };\n};\n\nexport default createTelemetryInstance;\n"],"names":["LIMITED_EVENTS","createTelemetryInstance","strapi","uuid","config","get","telemetryDisabled","isDisabled","isTruthy","process","env","STRAPI_TELEMETRY_DISABLED","sender","createSender","sendEvent","wrapWithRateLimit","limitedEvents","register","cron","add","sendPingEvent","task","options","server","use","createMiddleware","bootstrap","send","event","payload","destroy"],"mappings":";;;;;;;AAYA,MAAMA,cAAAA,GAAiB;AACrB,IAAA,iCAAA;AACA,IAAA,yBAAA;AACA,IAAA,gCAAA;AACA,IAAA,+BAAA;AACA,IAAA;AACD,CAAA;AAED,MAAMC,0BAA0B,CAACC,MAAAA,GAAAA;AAC/B,IAAA,MAAMC,IAAAA,GAAOD,MAAAA,CAAOE,MAAM,CAACC,GAAG,CAAC,MAAA,CAAA;AAC/B,IAAA,MAAMC,iBAAAA,GAAoBJ,MAAAA,CAAOE,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA;IAC5C,MAAME,UAAAA,GACJ,CAACJ,IAAAA,IAAQK,QAAAA,CAASC,QAAQC,GAAG,CAACC,yBAAyB,CAAA,IAAKH,QAAAA,CAASF,iBAAAA,CAAAA;AAEvE,IAAA,MAAMM,WAASC,MAAAA,CAAaX,MAAAA,CAAAA;IAC5B,MAAMY,SAAAA,GAAYC,YAAkBH,QAAAA,EAAQ;QAAEI,aAAAA,EAAehB;AAAe,KAAA,CAAA;IAE5E,OAAO;AACL,QAAA,IAAIO,UAAAA,CAAAA,GAAa;YACf,OAAOA,UAAAA;AACT,QAAA,CAAA;AAEAU,QAAAA,QAAAA,CAAAA,GAAAA;AACE,YAAA,IAAI,CAACV,UAAAA,EAAY;gBACfL,MAAAA,CAAOgB,IAAI,CAACC,GAAG,CAAC;oBACdC,aAAAA,EAAe;AACbC,wBAAAA,IAAAA,EAAM,IAAMP,SAAAA,CAAU,MAAA,CAAA;wBACtBQ,OAAAA,EAAS;AACX;AACF,iBAAA,CAAA;AAEApB,gBAAAA,MAAAA,CAAOqB,MAAM,CAACC,GAAG,CAACC,UAAAA,CAAiB;AAAEX,oBAAAA,SAAAA;AAAWZ,oBAAAA;AAAO,iBAAA,CAAA,CAAA;AACzD,YAAA;AACF,QAAA,CAAA;QAEAwB,SAAAA,CAAAA,GAAAA,CAAa,CAAA;AAEb,QAAA,MAAMC,IAAAA,CAAAA,CAAKC,KAAa,EAAEC,OAAAA,GAAmC,EAAE,EAAA;AAC7D,YAAA,IAAItB,YAAY,OAAO,IAAA;AACvB,YAAA,OAAOO,UAAUc,KAAAA,EAAOC,OAAAA,CAAAA;AAC1B,QAAA,CAAA;AAEAC,QAAAA,OAAAA,CAAAA,GAAAA;;AAEA,QAAA;AACF,KAAA;AACF;;;;"}
+{"version":3,"file":"index.js","sources":["../../../src/services/metrics/index.ts"],"sourcesContent":["/**\n * Strapi telemetry package.\n * You can learn more at https://docs.strapi.io/developer-docs/latest/getting-started/usage-information.html\n */\n\nimport type { Core } from '@strapi/types';\n\nimport wrapWithRateLimit from './rate-limiter';\nimport createSender from './sender';\nimport createMiddleware from './middleware';\nimport isTruthy from './is-truthy';\nimport { MCP_LIMITED_TELEMETRY_EVENTS } from '../mcp/metrics/metrics';\n\nconst LIMITED_EVENTS = [\n  'didSaveMediaWithAlternativeText',\n  'didSaveMediaWithCaption',\n  'didDisableResponsiveDimensions',\n  'didEnableResponsiveDimensions',\n  'didInitializePluginUpload',\n  ...Object.values(MCP_LIMITED_TELEMETRY_EVENTS),\n];\n\nconst createTelemetryInstance = (strapi: Core.Strapi) => {\n  const uuid = strapi.config.get('uuid');\n  const telemetryDisabled = strapi.config.get('packageJsonStrapi.telemetryDisabled');\n  const isDisabled =\n    !uuid || isTruthy(process.env.STRAPI_TELEMETRY_DISABLED) || isTruthy(telemetryDisabled);\n\n  const sender = createSender(strapi);\n  const sendEvent = wrapWithRateLimit(sender, { limitedEvents: LIMITED_EVENTS });\n\n  return {\n    get isDisabled() {\n      return isDisabled;\n    },\n\n    register() {\n      if (!isDisabled) {\n        strapi.cron.add({\n          sendPingEvent: {\n            task: () => sendEvent('ping'),\n            options: '0 0 12 * * *',\n          },\n        });\n\n        strapi.server.use(createMiddleware({ sendEvent, strapi }));\n      }\n    },\n\n    bootstrap() {},\n\n    async send(event: string, payload: Record<string, unknown> = {}) {\n      if (isDisabled) return true;\n      return sendEvent(event, payload);\n    },\n\n    destroy() {\n      // Clean up resources if needed\n    },\n  };\n};\n\nexport default createTelemetryInstance;\n"],"names":["LIMITED_EVENTS","Object","values","MCP_LIMITED_TELEMETRY_EVENTS","createTelemetryInstance","strapi","uuid","config","get","telemetryDisabled","isDisabled","isTruthy","process","env","STRAPI_TELEMETRY_DISABLED","sender","createSender","sendEvent","wrapWithRateLimit","limitedEvents","register","cron","add","sendPingEvent","task","options","server","use","createMiddleware","bootstrap","send","event","payload","destroy"],"mappings":";;;;;;;;AAaA,MAAMA,cAAAA,GAAiB;AACrB,IAAA,iCAAA;AACA,IAAA,yBAAA;AACA,IAAA,gCAAA;AACA,IAAA,+BAAA;AACA,IAAA,2BAAA;AACGC,IAAAA,GAAAA,MAAAA,CAAOC,MAAM,CAACC,oCAAAA;AAClB,CAAA;AAED,MAAMC,0BAA0B,CAACC,MAAAA,GAAAA;AAC/B,IAAA,MAAMC,IAAAA,GAAOD,MAAAA,CAAOE,MAAM,CAACC,GAAG,CAAC,MAAA,CAAA;AAC/B,IAAA,MAAMC,iBAAAA,GAAoBJ,MAAAA,CAAOE,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA;IAC5C,MAAME,UAAAA,GACJ,CAACJ,IAAAA,IAAQK,QAAAA,CAASC,QAAQC,GAAG,CAACC,yBAAyB,CAAA,IAAKH,QAAAA,CAASF,iBAAAA,CAAAA;AAEvE,IAAA,MAAMM,WAASC,MAAAA,CAAaX,MAAAA,CAAAA;IAC5B,MAAMY,SAAAA,GAAYC,YAAkBH,QAAAA,EAAQ;QAAEI,aAAAA,EAAenB;AAAe,KAAA,CAAA;IAE5E,OAAO;AACL,QAAA,IAAIU,UAAAA,CAAAA,GAAa;YACf,OAAOA,UAAAA;AACT,QAAA,CAAA;AAEAU,QAAAA,QAAAA,CAAAA,GAAAA;AACE,YAAA,IAAI,CAACV,UAAAA,EAAY;gBACfL,MAAAA,CAAOgB,IAAI,CAACC,GAAG,CAAC;oBACdC,aAAAA,EAAe;AACbC,wBAAAA,IAAAA,EAAM,IAAMP,SAAAA,CAAU,MAAA,CAAA;wBACtBQ,OAAAA,EAAS;AACX;AACF,iBAAA,CAAA;AAEApB,gBAAAA,MAAAA,CAAOqB,MAAM,CAACC,GAAG,CAACC,UAAAA,CAAiB;AAAEX,oBAAAA,SAAAA;AAAWZ,oBAAAA;AAAO,iBAAA,CAAA,CAAA;AACzD,YAAA;AACF,QAAA,CAAA;QAEAwB,SAAAA,CAAAA,GAAAA,CAAa,CAAA;AAEb,QAAA,MAAMC,IAAAA,CAAAA,CAAKC,KAAa,EAAEC,OAAAA,GAAmC,EAAE,EAAA;AAC7D,YAAA,IAAItB,YAAY,OAAO,IAAA;AACvB,YAAA,OAAOO,UAAUc,KAAAA,EAAOC,OAAAA,CAAAA;AAC1B,QAAA,CAAA;AAEAC,QAAAA,OAAAA,CAAAA,GAAAA;;AAEA,QAAA;AACF,KAAA;AACF;;;;"}

package/dist/services/metrics/index.mjs

@@ -2,13 +2,15 @@ import wrapWithRateLimit from './rate-limiter.mjs';
 import createSender from './sender.mjs';
 import createMiddleware from './middleware.mjs';
 import isTruthy from './is-truthy.mjs';
+import { MCP_LIMITED_TELEMETRY_EVENTS } from '../mcp/metrics/metrics.mjs';
 
 const LIMITED_EVENTS = [
     'didSaveMediaWithAlternativeText',
     'didSaveMediaWithCaption',
     'didDisableResponsiveDimensions',
     'didEnableResponsiveDimensions',
-    'didInitializePluginUpload'
+    'didInitializePluginUpload',
+    ...Object.values(MCP_LIMITED_TELEMETRY_EVENTS)
 ];
 const createTelemetryInstance = (strapi)=>{
     const uuid = strapi.config.get('uuid');

package/dist/services/metrics/index.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"index.mjs","sources":["../../../src/services/metrics/index.ts"],"sourcesContent":["/**\n * Strapi telemetry package.\n * You can learn more at https://docs.strapi.io/developer-docs/latest/getting-started/usage-information.html\n */\n\nimport type { Core } from '@strapi/types';\n\nimport wrapWithRateLimit from './rate-limiter';\nimport createSender from './sender';\nimport createMiddleware from './middleware';\nimport isTruthy from './is-truthy';\n\nconst LIMITED_EVENTS = [\n  'didSaveMediaWithAlternativeText',\n  'didSaveMediaWithCaption',\n  'didDisableResponsiveDimensions',\n  'didEnableResponsiveDimensions',\n  'didInitializePluginUpload',\n];\n\nconst createTelemetryInstance = (strapi: Core.Strapi) => {\n  const uuid = strapi.config.get('uuid');\n  const telemetryDisabled = strapi.config.get('packageJsonStrapi.telemetryDisabled');\n  const isDisabled =\n    !uuid || isTruthy(process.env.STRAPI_TELEMETRY_DISABLED) || isTruthy(telemetryDisabled);\n\n  const sender = createSender(strapi);\n  const sendEvent = wrapWithRateLimit(sender, { limitedEvents: LIMITED_EVENTS });\n\n  return {\n    get isDisabled() {\n      return isDisabled;\n    },\n\n    register() {\n      if (!isDisabled) {\n        strapi.cron.add({\n          sendPingEvent: {\n            task: () => sendEvent('ping'),\n            options: '0 0 12 * * *',\n          },\n        });\n\n        strapi.server.use(createMiddleware({ sendEvent, strapi }));\n      }\n    },\n\n    bootstrap() {},\n\n    async send(event: string, payload: Record<string, unknown> = {}) {\n      if (isDisabled) return true;\n      return sendEvent(event, payload);\n    },\n\n    destroy() {\n      // Clean up resources if needed\n    },\n  };\n};\n\nexport default createTelemetryInstance;\n"],"names":["LIMITED_EVENTS","createTelemetryInstance","strapi","uuid","config","get","telemetryDisabled","isDisabled","isTruthy","process","env","STRAPI_TELEMETRY_DISABLED","sender","createSender","sendEvent","wrapWithRateLimit","limitedEvents","register","cron","add","sendPingEvent","task","options","server","use","createMiddleware","bootstrap","send","event","payload","destroy"],"mappings":";;;;;AAYA,MAAMA,cAAAA,GAAiB;AACrB,IAAA,iCAAA;AACA,IAAA,yBAAA;AACA,IAAA,gCAAA;AACA,IAAA,+BAAA;AACA,IAAA;AACD,CAAA;AAED,MAAMC,0BAA0B,CAACC,MAAAA,GAAAA;AAC/B,IAAA,MAAMC,IAAAA,GAAOD,MAAAA,CAAOE,MAAM,CAACC,GAAG,CAAC,MAAA,CAAA;AAC/B,IAAA,MAAMC,iBAAAA,GAAoBJ,MAAAA,CAAOE,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA;IAC5C,MAAME,UAAAA,GACJ,CAACJ,IAAAA,IAAQK,QAAAA,CAASC,QAAQC,GAAG,CAACC,yBAAyB,CAAA,IAAKH,QAAAA,CAASF,iBAAAA,CAAAA;AAEvE,IAAA,MAAMM,SAASC,YAAAA,CAAaX,MAAAA,CAAAA;IAC5B,MAAMY,SAAAA,GAAYC,kBAAkBH,MAAAA,EAAQ;QAAEI,aAAAA,EAAehB;AAAe,KAAA,CAAA;IAE5E,OAAO;AACL,QAAA,IAAIO,UAAAA,CAAAA,GAAa;YACf,OAAOA,UAAAA;AACT,QAAA,CAAA;AAEAU,QAAAA,QAAAA,CAAAA,GAAAA;AACE,YAAA,IAAI,CAACV,UAAAA,EAAY;gBACfL,MAAAA,CAAOgB,IAAI,CAACC,GAAG,CAAC;oBACdC,aAAAA,EAAe;AACbC,wBAAAA,IAAAA,EAAM,IAAMP,SAAAA,CAAU,MAAA,CAAA;wBACtBQ,OAAAA,EAAS;AACX;AACF,iBAAA,CAAA;AAEApB,gBAAAA,MAAAA,CAAOqB,MAAM,CAACC,GAAG,CAACC,gBAAAA,CAAiB;AAAEX,oBAAAA,SAAAA;AAAWZ,oBAAAA;AAAO,iBAAA,CAAA,CAAA;AACzD,YAAA;AACF,QAAA,CAAA;QAEAwB,SAAAA,CAAAA,GAAAA,CAAa,CAAA;AAEb,QAAA,MAAMC,IAAAA,CAAAA,CAAKC,KAAa,EAAEC,OAAAA,GAAmC,EAAE,EAAA;AAC7D,YAAA,IAAItB,YAAY,OAAO,IAAA;AACvB,YAAA,OAAOO,UAAUc,KAAAA,EAAOC,OAAAA,CAAAA;AAC1B,QAAA,CAAA;AAEAC,QAAAA,OAAAA,CAAAA,GAAAA;;AAEA,QAAA;AACF,KAAA;AACF;;;;"}
+{"version":3,"file":"index.mjs","sources":["../../../src/services/metrics/index.ts"],"sourcesContent":["/**\n * Strapi telemetry package.\n * You can learn more at https://docs.strapi.io/developer-docs/latest/getting-started/usage-information.html\n */\n\nimport type { Core } from '@strapi/types';\n\nimport wrapWithRateLimit from './rate-limiter';\nimport createSender from './sender';\nimport createMiddleware from './middleware';\nimport isTruthy from './is-truthy';\nimport { MCP_LIMITED_TELEMETRY_EVENTS } from '../mcp/metrics/metrics';\n\nconst LIMITED_EVENTS = [\n  'didSaveMediaWithAlternativeText',\n  'didSaveMediaWithCaption',\n  'didDisableResponsiveDimensions',\n  'didEnableResponsiveDimensions',\n  'didInitializePluginUpload',\n  ...Object.values(MCP_LIMITED_TELEMETRY_EVENTS),\n];\n\nconst createTelemetryInstance = (strapi: Core.Strapi) => {\n  const uuid = strapi.config.get('uuid');\n  const telemetryDisabled = strapi.config.get('packageJsonStrapi.telemetryDisabled');\n  const isDisabled =\n    !uuid || isTruthy(process.env.STRAPI_TELEMETRY_DISABLED) || isTruthy(telemetryDisabled);\n\n  const sender = createSender(strapi);\n  const sendEvent = wrapWithRateLimit(sender, { limitedEvents: LIMITED_EVENTS });\n\n  return {\n    get isDisabled() {\n      return isDisabled;\n    },\n\n    register() {\n      if (!isDisabled) {\n        strapi.cron.add({\n          sendPingEvent: {\n            task: () => sendEvent('ping'),\n            options: '0 0 12 * * *',\n          },\n        });\n\n        strapi.server.use(createMiddleware({ sendEvent, strapi }));\n      }\n    },\n\n    bootstrap() {},\n\n    async send(event: string, payload: Record<string, unknown> = {}) {\n      if (isDisabled) return true;\n      return sendEvent(event, payload);\n    },\n\n    destroy() {\n      // Clean up resources if needed\n    },\n  };\n};\n\nexport default createTelemetryInstance;\n"],"names":["LIMITED_EVENTS","Object","values","MCP_LIMITED_TELEMETRY_EVENTS","createTelemetryInstance","strapi","uuid","config","get","telemetryDisabled","isDisabled","isTruthy","process","env","STRAPI_TELEMETRY_DISABLED","sender","createSender","sendEvent","wrapWithRateLimit","limitedEvents","register","cron","add","sendPingEvent","task","options","server","use","createMiddleware","bootstrap","send","event","payload","destroy"],"mappings":";;;;;;AAaA,MAAMA,cAAAA,GAAiB;AACrB,IAAA,iCAAA;AACA,IAAA,yBAAA;AACA,IAAA,gCAAA;AACA,IAAA,+BAAA;AACA,IAAA,2BAAA;AACGC,IAAAA,GAAAA,MAAAA,CAAOC,MAAM,CAACC,4BAAAA;AAClB,CAAA;AAED,MAAMC,0BAA0B,CAACC,MAAAA,GAAAA;AAC/B,IAAA,MAAMC,IAAAA,GAAOD,MAAAA,CAAOE,MAAM,CAACC,GAAG,CAAC,MAAA,CAAA;AAC/B,IAAA,MAAMC,iBAAAA,GAAoBJ,MAAAA,CAAOE,MAAM,CAACC,GAAG,CAAC,qCAAA,CAAA;IAC5C,MAAME,UAAAA,GACJ,CAACJ,IAAAA,IAAQK,QAAAA,CAASC,QAAQC,GAAG,CAACC,yBAAyB,CAAA,IAAKH,QAAAA,CAASF,iBAAAA,CAAAA;AAEvE,IAAA,MAAMM,SAASC,YAAAA,CAAaX,MAAAA,CAAAA;IAC5B,MAAMY,SAAAA,GAAYC,kBAAkBH,MAAAA,EAAQ;QAAEI,aAAAA,EAAenB;AAAe,KAAA,CAAA;IAE5E,OAAO;AACL,QAAA,IAAIU,UAAAA,CAAAA,GAAa;YACf,OAAOA,UAAAA;AACT,QAAA,CAAA;AAEAU,QAAAA,QAAAA,CAAAA,GAAAA;AACE,YAAA,IAAI,CAACV,UAAAA,EAAY;gBACfL,MAAAA,CAAOgB,IAAI,CAACC,GAAG,CAAC;oBACdC,aAAAA,EAAe;AACbC,wBAAAA,IAAAA,EAAM,IAAMP,SAAAA,CAAU,MAAA,CAAA;wBACtBQ,OAAAA,EAAS;AACX;AACF,iBAAA,CAAA;AAEApB,gBAAAA,MAAAA,CAAOqB,MAAM,CAACC,GAAG,CAACC,gBAAAA,CAAiB;AAAEX,oBAAAA,SAAAA;AAAWZ,oBAAAA;AAAO,iBAAA,CAAA,CAAA;AACzD,YAAA;AACF,QAAA,CAAA;QAEAwB,SAAAA,CAAAA,GAAAA,CAAa,CAAA;AAEb,QAAA,MAAMC,IAAAA,CAAAA,CAAKC,KAAa,EAAEC,OAAAA,GAAmC,EAAE,EAAA;AAC7D,YAAA,IAAItB,YAAY,OAAO,IAAA;AACvB,YAAA,OAAOO,UAAUc,KAAAA,EAAOC,OAAAA,CAAAA;AAC1B,QAAA,CAAA;AAEAC,QAAAA,OAAAA,CAAAA,GAAAA;;AAEA,QAAA;AACF,KAAA;AACF;;;;"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@strapi/core",
-  "version": "5.46.1",
+  "version": "5.47.0",
   "description": "Core of Strapi",
   "homepage": "https://strapi.io",
   "bugs": {
@@ -56,17 +56,19 @@
     "test:unit:vitest:watch": "vitest --watch"
   },
   "dependencies": {
+    "@casl/ability": "6.7.5",
     "@koa/cors": "5.0.0",
     "@koa/router": "12.0.2",
+    "@modelcontextprotocol/sdk": "1.29.0",
     "@paralleldrive/cuid2": "2.2.2",
-    "@strapi/admin": "5.46.1",
-    "@strapi/database": "5.46.1",
-    "@strapi/generators": "5.46.1",
-    "@strapi/logger": "5.46.1",
-    "@strapi/permissions": "5.46.1",
-    "@strapi/types": "5.46.1",
-    "@strapi/typescript-utils": "5.46.1",
-    "@strapi/utils": "5.46.1",
+    "@strapi/admin": "5.47.0",
+    "@strapi/database": "5.47.0",
+    "@strapi/generators": "5.47.0",
+    "@strapi/logger": "5.47.0",
+    "@strapi/permissions": "5.47.0",
+    "@strapi/types": "5.47.0",
+    "@strapi/typescript-utils": "5.47.0",
+    "@strapi/utils": "5.47.0",
     "@vercel/stega": "0.1.2",
     "bcryptjs": "2.4.3",
     "boxen": "5.1.2",
@@ -133,11 +135,11 @@
     "@types/node": "24.10.0",
     "@types/node-schedule": "2.1.7",
     "@types/statuses": "2.0.1",
-    "eslint-config-custom": "5.46.1",
+    "eslint-config-custom": "5.47.0",
     "supertest": "7.2.2",
-    "tsconfig": "5.46.1",
+    "tsconfig": "5.47.0",
     "vitest": "catalog:",
-    "vitest-config": "5.46.1"
+    "vitest-config": "5.47.0"
   },
   "engines": {
     "node": ">=20.0.0 <=24.x.x",