@studiometa/productive-mcp 0.10.10 → 0.10.12

package/README.md

@@ -17,6 +17,7 @@ MCP (Model Context Protocol) server for [Productive.io](https://productive.io).
 - Two modes: **local (stdio)** for personal use, **remote (HTTP)** for teams
 - OAuth 2.0 support for Claude Desktop custom connectors
 - Built-in `help` action for self-documentation
+- Raw API escape hatches: `api_read` for documented GET endpoints and gated `api_write` for documented writes
 
 ## Mode 1: Local (stdio)
 
@@ -144,6 +145,125 @@ Use `action="help"` with any resource for detailed documentation on available pa
 | `include`           | string[] | Related resources to include (e.g. `["project", "assignee"]`) |
 | `query`             | string   | Text search for `list` actions                                |
 
+### Raw API Tools
+
+In addition to the unified `productive` tool, the server exposes two low-level tools for documented Productive API endpoints.
+
+| Tool        | Description                                                                              |
+| ----------- | ---------------------------------------------------------------------------------------- |
+| `api_read`  | Read-only raw API access for documented `GET` endpoints                                  |
+| `api_write` | Gated raw API write access for documented `POST`, `PATCH`, `PUT`, and `DELETE` endpoints |
+
+#### `api_read`
+
+Use `api_read` when you need a documented endpoint that is not yet covered by the higher-level `productive` tool.
+
+**Parameters**
+
+| Parameter   | Type     | Description                                              |
+| ----------- | -------- | -------------------------------------------------------- |
+| `path`      | string   | Required relative API path, starting with `/`            |
+| `describe`  | boolean  | Return endpoint docs instead of executing the request    |
+| `filter`    | object   | Filter object, validated against the documented endpoint |
+| `include`   | string[] | Related resources to include                             |
+| `sort`      | string[] | Sort values, validated against the documented endpoint   |
+| `page`      | number   | Page number                                              |
+| `per_page`  | number   | Page size, max `200`                                     |
+| `paginate`  | boolean  | Follow pagination automatically                          |
+| `max_pages` | number   | Max pages when `paginate=true`, default `20`, max `50`   |
+
+**Safety model**
+
+- `GET` only
+- Path must be relative and start with `/`
+- Absolute URLs and path traversal are rejected
+- Only documented Productive endpoints are allowed
+- Filters and sort values are validated against the endpoint spec
+- `describe=true` is the safest way to inspect an endpoint before calling it
+
+**Examples**
+
+```json
+{
+  "path": "/invoices",
+  "describe": true
+}
+```
+
+```json
+{
+  "path": "/projects/123/tasks",
+  "filter": { "status": "open" },
+  "sort": ["due_date"],
+  "page": 1,
+  "per_page": 50
+}
+```
+
+```json
+{
+  "path": "/time_entries",
+  "filter": { "person_id": ["me"], "after": "2025-01-01", "before": "2025-01-31" },
+  "paginate": true,
+  "max_pages": 5
+}
+```
+
+#### `api_write`
+
+Use `api_write` only when the higher-level `productive` tool does not expose the mutation you need.
+
+**Parameters**
+
+| Parameter | Type    | Description                                        |
+| --------- | ------- | -------------------------------------------------- |
+| `method`  | string  | Required, one of `POST`, `PATCH`, `PUT`, `DELETE`  |
+| `path`    | string  | Required relative API path                         |
+| `body`    | object  | Request body for write methods                     |
+| `confirm` | boolean | Required, must be `true`                           |
+| `dry_run` | boolean | Return the normalized request without executing it |
+
+**Safety model**
+
+- Disabled by default
+- Requires `PRODUCTIVE_MCP_ENABLE_API_WRITE=true` on the server
+- Requires `confirm=true` on every call
+- Only documented Productive endpoints are allowed
+- Path must be relative; absolute URLs and traversal are rejected
+- `dry_run=true` lets you verify the exact method, path, and body before execution
+
+To enable writes in local or remote deployments:
+
+```bash
+PRODUCTIVE_MCP_ENABLE_API_WRITE=true productive-mcp-server
+```
+
+**Examples**
+
+```json
+{
+  "method": "PATCH",
+  "path": "/tasks/123",
+  "body": {
+    "data": {
+      "type": "tasks",
+      "id": "123",
+      "attributes": { "name": "Updated title" }
+    }
+  },
+  "confirm": true,
+  "dry_run": true
+}
+```
+
+```json
+{
+  "method": "DELETE",
+  "path": "/attachments/456",
+  "confirm": true
+}
+```
+
 ### Configuration Tools (Local mode only)
 
 | Tool                    | Description                                        |

package/dist/api-reference/generated.d.ts

@@ -0,0 +1,3 @@
+import type { ApiReference } from './types.js';
+export declare const PRODUCTIVE_API_REFERENCE: ApiReference;
+//# sourceMappingURL=generated.d.ts.map

package/dist/api-reference/generated.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"generated.d.ts","sourceRoot":"","sources":["../../src/api-reference/generated.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE/C,eAAO,MAAM,wBAAwB,EAAE,YAk3jD7B,CAAC"}

package/dist/api-reference/types.d.ts

@@ -0,0 +1,31 @@
+export interface ApiFilterOperatorSpec {
+    description?: string;
+}
+export interface ApiFilterSpec {
+    type?: string;
+    format?: string;
+    description?: string;
+    enum?: Array<string | number>;
+    operators?: Record<string, ApiFilterOperatorSpec>;
+}
+export interface ApiQueryParamSpec {
+    type?: string;
+    description?: string;
+}
+export interface ApiMethodSpec {
+    summary: string;
+    description?: string;
+    operationId?: string;
+    query?: Record<string, ApiQueryParamSpec>;
+    filters?: Record<string, ApiFilterSpec>;
+    sort?: string[];
+    pathParams?: Record<string, ApiQueryParamSpec>;
+    requestBodyFields?: string[];
+    supportsBody?: boolean;
+}
+export interface ApiEndpointSpec {
+    path: string;
+    methods: Partial<Record<'GET' | 'POST' | 'PATCH' | 'PUT' | 'DELETE', ApiMethodSpec>>;
+}
+export type ApiReference = Record<string, ApiEndpointSpec>;
+//# sourceMappingURL=types.d.ts.map

package/dist/api-reference/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/api-reference/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,qBAAqB;IACpC,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC,CAAC;IAC9B,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,qBAAqB,CAAC,CAAC;CACnD;AAED,MAAM,WAAW,iBAAiB;IAChC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,iBAAiB,CAAC,CAAC;IAC1C,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;IACxC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,iBAAiB,CAAC,CAAC;IAC/C,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7B,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,MAAM,GAAG,OAAO,GAAG,KAAK,GAAG,QAAQ,EAAE,aAAa,CAAC,CAAC,CAAC;CACtF;AAED,MAAM,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC"}

package/dist/auth.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth.js","names":[],"sources":["../src/auth.ts"],"sourcesContent":["/**\n * Authentication utilities for Productive MCP server\n */\n\nexport interface ProductiveCredentials {\n  organizationId: string;\n  apiToken: string;\n  userId?: string;\n}\n\n/**\n * Parse Bearer token containing Productive credentials\n * Token format: base64(organizationId:apiToken) or base64(organizationId:apiToken:userId)\n *\n * @param authHeader - Authorization header value (e.g., \"Bearer base64...\")\n * @returns Parsed credentials or null if invalid\n */\nexport function parseAuthHeader(\n  authHeader: string | undefined | null,\n): ProductiveCredentials | null {\n  if (!authHeader) {\n    return null;\n  }\n\n  const match = authHeader.match(/^Bearer\\s+(.+)$/i);\n  if (!match) {\n    return null;\n  }\n\n  const token = match[1];\n\n  try {\n    const decoded = Buffer.from(token, 'base64').toString('utf-8');\n    const parts = decoded.split(':');\n\n    if (parts.length < 2) {\n      return null;\n    }\n\n    const [organizationId, apiToken, userId] = parts;\n\n    if (!organizationId || !apiToken) {\n      return null;\n    }\n\n    return {\n      organizationId,\n      apiToken,\n      userId: userId || undefined,\n    };\n  } catch {\n    return null;\n  }\n}\n\n/**\n * Create a Bearer token from Productive credentials\n * Useful for documentation and testing\n *\n * @param credentials - Productive credentials\n * @returns Base64 encoded token (without \"Bearer \" prefix)\n */\nexport function createAuthToken(credentials: ProductiveCredentials): string {\n  const parts = [credentials.organizationId, credentials.apiToken];\n  if (credentials.userId) {\n    parts.push(credentials.userId);\n  }\n  return Buffer.from(parts.join(':')).toString('base64');\n}\n"],"mappings":";;;;;;;;AAiBA,SAAgB,gBACd,YAC8B;AAC9B,KAAI,CAAC,WACH,QAAO;CAGT,MAAM,QAAQ,WAAW,MAAM,mBAAmB;AAClD,KAAI,CAAC,MACH,QAAO;CAGT,MAAM,QAAQ,MAAM;AAEpB,KAAI;EAEF,MAAM,QADU,OAAO,KAAK,OAAO,SAAS,CAAC,SAAS,QAAQ,CACxC,MAAM,IAAI;AAEhC,MAAI,MAAM,SAAS,EACjB,QAAO;EAGT,MAAM,CAAC,gBAAgB,UAAU,UAAU;AAE3C,MAAI,CAAC,kBAAkB,CAAC,SACtB,QAAO;AAGT,SAAO;GACL;GACA;GACA,QAAQ,UAAU,KAAA;GACnB;SACK;AACN,SAAO;;;;;;;;;;AAWX,SAAgB,gBAAgB,aAA4C;CAC1E,MAAM,QAAQ,CAAC,YAAY,gBAAgB,YAAY,SAAS;AAChE,KAAI,YAAY,OACd,OAAM,KAAK,YAAY,OAAO;AAEhC,QAAO,OAAO,KAAK,MAAM,KAAK,IAAI,CAAC,CAAC,SAAS,SAAS"}
+{"version":3,"file":"auth.js","names":[],"sources":["../src/auth.ts"],"sourcesContent":["/**\n * Authentication utilities for Productive MCP server\n */\n\nexport interface ProductiveCredentials {\n  organizationId: string;\n  apiToken: string;\n  userId?: string;\n}\n\n/**\n * Parse Bearer token containing Productive credentials\n * Token format: base64(organizationId:apiToken) or base64(organizationId:apiToken:userId)\n *\n * @param authHeader - Authorization header value (e.g., \"Bearer base64...\")\n * @returns Parsed credentials or null if invalid\n */\nexport function parseAuthHeader(\n  authHeader: string | undefined | null,\n): ProductiveCredentials | null {\n  if (!authHeader) {\n    return null;\n  }\n\n  const match = authHeader.match(/^Bearer\\s+(.+)$/i);\n  if (!match) {\n    return null;\n  }\n\n  const token = match[1];\n\n  try {\n    const decoded = Buffer.from(token, 'base64').toString('utf-8');\n    const parts = decoded.split(':');\n\n    if (parts.length < 2) {\n      return null;\n    }\n\n    const [organizationId, apiToken, userId] = parts;\n\n    if (!organizationId || !apiToken) {\n      return null;\n    }\n\n    return {\n      organizationId,\n      apiToken,\n      userId: userId || undefined,\n    };\n  } catch {\n    return null;\n  }\n}\n\n/**\n * Create a Bearer token from Productive credentials\n * Useful for documentation and testing\n *\n * @param credentials - Productive credentials\n * @returns Base64 encoded token (without \"Bearer \" prefix)\n */\nexport function createAuthToken(credentials: ProductiveCredentials): string {\n  const parts = [credentials.organizationId, credentials.apiToken];\n  if (credentials.userId) {\n    parts.push(credentials.userId);\n  }\n  return Buffer.from(parts.join(':')).toString('base64');\n}\n"],"mappings":";;;;;;;;AAiBA,SAAgB,gBACd,YAC8B;CAC9B,IAAI,CAAC,YACH,OAAO;CAGT,MAAM,QAAQ,WAAW,MAAM,kBAAkB;CACjD,IAAI,CAAC,OACH,OAAO;CAGT,MAAM,QAAQ,MAAM;CAEpB,IAAI;EAEF,MAAM,QADU,OAAO,KAAK,OAAO,QAAQ,EAAE,SAAS,OACxC,EAAQ,MAAM,GAAG;EAE/B,IAAI,MAAM,SAAS,GACjB,OAAO;EAGT,MAAM,CAAC,gBAAgB,UAAU,UAAU;EAE3C,IAAI,CAAC,kBAAkB,CAAC,UACtB,OAAO;EAGT,OAAO;GACL;GACA;GACA,QAAQ,UAAU,KAAA;EACpB;CACF,QAAQ;EACN,OAAO;CACT;AACF;;;;;;;;AASA,SAAgB,gBAAgB,aAA4C;CAC1E,MAAM,QAAQ,CAAC,YAAY,gBAAgB,YAAY,QAAQ;CAC/D,IAAI,YAAY,QACd,MAAM,KAAK,YAAY,MAAM;CAE/B,OAAO,OAAO,KAAK,MAAM,KAAK,GAAG,CAAC,EAAE,SAAS,QAAQ;AACvD"}

package/dist/crypto.js

@@ -64,9 +64,9 @@ function decrypt(ciphertext, secret = getSecret()) {
 	try {
 		const combined = Buffer.from(ciphertext, "base64url");
 		const salt = combined.subarray(0, SALT_LENGTH);
-		const iv = combined.subarray(SALT_LENGTH, SALT_LENGTH + IV_LENGTH);
-		const authTag = combined.subarray(SALT_LENGTH + IV_LENGTH, SALT_LENGTH + IV_LENGTH + AUTH_TAG_LENGTH);
-		const encrypted = combined.subarray(SALT_LENGTH + IV_LENGTH + AUTH_TAG_LENGTH);
+		const iv = combined.subarray(SALT_LENGTH, 28);
+		const authTag = combined.subarray(28, 44);
+		const encrypted = combined.subarray(44);
 		const decipher = createDecipheriv(ALGORITHM, deriveKey(secret, salt), iv, { authTagLength: AUTH_TAG_LENGTH });
 		decipher.setAuthTag(authTag);
 		return Buffer.concat([decipher.update(encrypted), decipher.final()]).toString("utf8");

package/dist/crypto.js.map

@@ -1 +1 @@
-{"version":3,"file":"crypto.js","names":[],"sources":["../src/crypto.ts"],"sourcesContent":["/**\n * Cryptographic utilities for stateless OAuth tokens\n *\n * Uses AES-256-GCM for authenticated encryption.\n * The authorization code contains encrypted credentials that can be\n * decrypted without server-side storage.\n */\n\nimport { createCipheriv, createDecipheriv, randomBytes, scryptSync } from 'node:crypto';\n\nconst ALGORITHM = 'aes-256-gcm';\nconst IV_LENGTH = 12; // GCM recommended IV length\nconst AUTH_TAG_LENGTH = 16;\nconst SALT_LENGTH = 16;\n\n/**\n * Derive a 256-bit key from a password using scrypt\n */\nfunction deriveKey(password: string, salt: Buffer): Buffer {\n  return scryptSync(password, salt, 32);\n}\n\n/**\n * Get the encryption secret from environment or generate a default\n * In production, OAUTH_SECRET should always be set\n */\nexport function getSecret(): string {\n  const secret = process.env.OAUTH_SECRET;\n  if (!secret) {\n    console.warn(\n      'WARNING: OAUTH_SECRET not set. Using default secret. Set OAUTH_SECRET in production!',\n    );\n    return 'productive-mcp-default-secret-change-me';\n  }\n  return secret;\n}\n\n/**\n * Encrypt data using AES-256-GCM\n *\n * Output format: base64(salt + iv + authTag + ciphertext)\n *\n * @param plaintext - Data to encrypt\n * @param secret - Encryption secret (defaults to OAUTH_SECRET env var)\n * @returns Base64-encoded encrypted data\n */\nexport function encrypt(plaintext: string, secret: string = getSecret()): string {\n  const salt = randomBytes(SALT_LENGTH);\n  const key = deriveKey(secret, salt);\n  const iv = randomBytes(IV_LENGTH);\n\n  const cipher = createCipheriv(ALGORITHM, key, iv);\n  const encrypted = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);\n  const authTag = cipher.getAuthTag();\n\n  // Combine: salt + iv + authTag + ciphertext\n  const combined = Buffer.concat([salt, iv, authTag, encrypted]);\n\n  return combined.toString('base64url');\n}\n\n/**\n * Decrypt data encrypted with encrypt()\n *\n * @param ciphertext - Base64-encoded encrypted data\n * @param secret - Encryption secret (defaults to OAUTH_SECRET env var)\n * @returns Decrypted plaintext\n * @throws Error if decryption fails (invalid data or wrong secret)\n */\nexport function decrypt(ciphertext: string, secret: string = getSecret()): string {\n  try {\n    const combined = Buffer.from(ciphertext, 'base64url');\n\n    // Extract components\n    const salt = combined.subarray(0, SALT_LENGTH);\n    const iv = combined.subarray(SALT_LENGTH, SALT_LENGTH + IV_LENGTH);\n    const authTag = combined.subarray(\n      SALT_LENGTH + IV_LENGTH,\n      SALT_LENGTH + IV_LENGTH + AUTH_TAG_LENGTH,\n    );\n    const encrypted = combined.subarray(SALT_LENGTH + IV_LENGTH + AUTH_TAG_LENGTH);\n\n    const key = deriveKey(secret, salt);\n\n    const decipher = createDecipheriv(ALGORITHM, key, iv, { authTagLength: AUTH_TAG_LENGTH });\n    decipher.setAuthTag(authTag);\n\n    const decrypted = Buffer.concat([decipher.update(encrypted), decipher.final()]);\n\n    return decrypted.toString('utf8');\n  } catch {\n    throw new Error('Decryption failed: invalid token or secret');\n  }\n}\n\n/**\n * Authorization code payload structure\n */\nexport interface AuthCodePayload {\n  orgId: string;\n  apiToken: string;\n  userId?: string;\n  codeChallenge?: string;\n  codeChallengeMethod?: string;\n}\n\n/**\n * Create an encrypted authorization code containing credentials and PKCE challenge\n *\n * @param credentials - Object with orgId, apiToken, userId, and optional PKCE params\n * @param expiresInSeconds - Code expiration time (default: 5 minutes)\n * @returns Encrypted authorization code\n */\nexport function createAuthCode(\n  credentials: AuthCodePayload,\n  expiresInSeconds: number = 300,\n): string {\n  const payload = {\n    ...credentials,\n    exp: Date.now() + expiresInSeconds * 1000,\n  };\n  return encrypt(JSON.stringify(payload));\n}\n\n/**\n * Decode and validate an authorization code\n *\n * @param code - Encrypted authorization code\n * @returns Decoded payload with credentials and PKCE challenge\n * @throws Error if code is invalid or expired\n */\nexport function decodeAuthCode(code: string): AuthCodePayload {\n  const payload = JSON.parse(decrypt(code));\n\n  if (payload.exp && Date.now() > payload.exp) {\n    throw new Error('Authorization code expired');\n  }\n\n  const { orgId, apiToken, userId, codeChallenge, codeChallengeMethod } = payload;\n\n  if (!orgId || !apiToken) {\n    throw new Error('Invalid authorization code: missing credentials');\n  }\n\n  return { orgId, apiToken, userId, codeChallenge, codeChallengeMethod };\n}\n"],"mappings":";;;;;;;;;AAUA,IAAM,YAAY;AAClB,IAAM,YAAY;AAClB,IAAM,kBAAkB;AACxB,IAAM,cAAc;;;;AAKpB,SAAS,UAAU,UAAkB,MAAsB;AACzD,QAAO,WAAW,UAAU,MAAM,GAAG;;;;;;AAOvC,SAAgB,YAAoB;CAClC,MAAM,SAAS,QAAQ,IAAI;AAC3B,KAAI,CAAC,QAAQ;AACX,UAAQ,KACN,uFACD;AACD,SAAO;;AAET,QAAO;;;;;;;;;;;AAYT,SAAgB,QAAQ,WAAmB,SAAiB,WAAW,EAAU;CAC/E,MAAM,OAAO,YAAY,YAAY;CACrC,MAAM,MAAM,UAAU,QAAQ,KAAK;CACnC,MAAM,KAAK,YAAY,UAAU;CAEjC,MAAM,SAAS,eAAe,WAAW,KAAK,GAAG;CACjD,MAAM,YAAY,OAAO,OAAO,CAAC,OAAO,OAAO,WAAW,OAAO,EAAE,OAAO,OAAO,CAAC,CAAC;CACnF,MAAM,UAAU,OAAO,YAAY;AAKnC,QAFiB,OAAO,OAAO;EAAC;EAAM;EAAI;EAAS;EAAU,CAAC,CAE9C,SAAS,YAAY;;;;;;;;;;AAWvC,SAAgB,QAAQ,YAAoB,SAAiB,WAAW,EAAU;AAChF,KAAI;EACF,MAAM,WAAW,OAAO,KAAK,YAAY,YAAY;EAGrD,MAAM,OAAO,SAAS,SAAS,GAAG,YAAY;EAC9C,MAAM,KAAK,SAAS,SAAS,aAAa,cAAc,UAAU;EAClE,MAAM,UAAU,SAAS,SACvB,cAAc,WACd,cAAc,YAAY,gBAC3B;EACD,MAAM,YAAY,SAAS,SAAS,cAAc,YAAY,gBAAgB;EAI9E,MAAM,WAAW,iBAAiB,WAFtB,UAAU,QAAQ,KAAK,EAEe,IAAI,EAAE,eAAe,iBAAiB,CAAC;AACzF,WAAS,WAAW,QAAQ;AAI5B,SAFkB,OAAO,OAAO,CAAC,SAAS,OAAO,UAAU,EAAE,SAAS,OAAO,CAAC,CAAC,CAE9D,SAAS,OAAO;SAC3B;AACN,QAAM,IAAI,MAAM,6CAA6C;;;;;;;;;;AAsBjE,SAAgB,eACd,aACA,mBAA2B,KACnB;CACR,MAAM,UAAU;EACd,GAAG;EACH,KAAK,KAAK,KAAK,GAAG,mBAAmB;EACtC;AACD,QAAO,QAAQ,KAAK,UAAU,QAAQ,CAAC;;;;;;;;;AAUzC,SAAgB,eAAe,MAA+B;CAC5D,MAAM,UAAU,KAAK,MAAM,QAAQ,KAAK,CAAC;AAEzC,KAAI,QAAQ,OAAO,KAAK,KAAK,GAAG,QAAQ,IACtC,OAAM,IAAI,MAAM,6BAA6B;CAG/C,MAAM,EAAE,OAAO,UAAU,QAAQ,eAAe,wBAAwB;AAExE,KAAI,CAAC,SAAS,CAAC,SACb,OAAM,IAAI,MAAM,kDAAkD;AAGpE,QAAO;EAAE;EAAO;EAAU;EAAQ;EAAe;EAAqB"}
+{"version":3,"file":"crypto.js","names":[],"sources":["../src/crypto.ts"],"sourcesContent":["/**\n * Cryptographic utilities for stateless OAuth tokens\n *\n * Uses AES-256-GCM for authenticated encryption.\n * The authorization code contains encrypted credentials that can be\n * decrypted without server-side storage.\n */\n\nimport { createCipheriv, createDecipheriv, randomBytes, scryptSync } from 'node:crypto';\n\nconst ALGORITHM = 'aes-256-gcm';\nconst IV_LENGTH = 12; // GCM recommended IV length\nconst AUTH_TAG_LENGTH = 16;\nconst SALT_LENGTH = 16;\n\n/**\n * Derive a 256-bit key from a password using scrypt\n */\nfunction deriveKey(password: string, salt: Buffer): Buffer {\n  return scryptSync(password, salt, 32);\n}\n\n/**\n * Get the encryption secret from environment or generate a default\n * In production, OAUTH_SECRET should always be set\n */\nexport function getSecret(): string {\n  const secret = process.env.OAUTH_SECRET;\n  if (!secret) {\n    console.warn(\n      'WARNING: OAUTH_SECRET not set. Using default secret. Set OAUTH_SECRET in production!',\n    );\n    return 'productive-mcp-default-secret-change-me';\n  }\n  return secret;\n}\n\n/**\n * Encrypt data using AES-256-GCM\n *\n * Output format: base64(salt + iv + authTag + ciphertext)\n *\n * @param plaintext - Data to encrypt\n * @param secret - Encryption secret (defaults to OAUTH_SECRET env var)\n * @returns Base64-encoded encrypted data\n */\nexport function encrypt(plaintext: string, secret: string = getSecret()): string {\n  const salt = randomBytes(SALT_LENGTH);\n  const key = deriveKey(secret, salt);\n  const iv = randomBytes(IV_LENGTH);\n\n  const cipher = createCipheriv(ALGORITHM, key, iv);\n  const encrypted = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);\n  const authTag = cipher.getAuthTag();\n\n  // Combine: salt + iv + authTag + ciphertext\n  const combined = Buffer.concat([salt, iv, authTag, encrypted]);\n\n  return combined.toString('base64url');\n}\n\n/**\n * Decrypt data encrypted with encrypt()\n *\n * @param ciphertext - Base64-encoded encrypted data\n * @param secret - Encryption secret (defaults to OAUTH_SECRET env var)\n * @returns Decrypted plaintext\n * @throws Error if decryption fails (invalid data or wrong secret)\n */\nexport function decrypt(ciphertext: string, secret: string = getSecret()): string {\n  try {\n    const combined = Buffer.from(ciphertext, 'base64url');\n\n    // Extract components\n    const salt = combined.subarray(0, SALT_LENGTH);\n    const iv = combined.subarray(SALT_LENGTH, SALT_LENGTH + IV_LENGTH);\n    const authTag = combined.subarray(\n      SALT_LENGTH + IV_LENGTH,\n      SALT_LENGTH + IV_LENGTH + AUTH_TAG_LENGTH,\n    );\n    const encrypted = combined.subarray(SALT_LENGTH + IV_LENGTH + AUTH_TAG_LENGTH);\n\n    const key = deriveKey(secret, salt);\n\n    const decipher = createDecipheriv(ALGORITHM, key, iv, { authTagLength: AUTH_TAG_LENGTH });\n    decipher.setAuthTag(authTag);\n\n    const decrypted = Buffer.concat([decipher.update(encrypted), decipher.final()]);\n\n    return decrypted.toString('utf8');\n  } catch {\n    throw new Error('Decryption failed: invalid token or secret');\n  }\n}\n\n/**\n * Authorization code payload structure\n */\nexport interface AuthCodePayload {\n  orgId: string;\n  apiToken: string;\n  userId?: string;\n  codeChallenge?: string;\n  codeChallengeMethod?: string;\n}\n\n/**\n * Create an encrypted authorization code containing credentials and PKCE challenge\n *\n * @param credentials - Object with orgId, apiToken, userId, and optional PKCE params\n * @param expiresInSeconds - Code expiration time (default: 5 minutes)\n * @returns Encrypted authorization code\n */\nexport function createAuthCode(\n  credentials: AuthCodePayload,\n  expiresInSeconds: number = 300,\n): string {\n  const payload = {\n    ...credentials,\n    exp: Date.now() + expiresInSeconds * 1000,\n  };\n  return encrypt(JSON.stringify(payload));\n}\n\n/**\n * Decode and validate an authorization code\n *\n * @param code - Encrypted authorization code\n * @returns Decoded payload with credentials and PKCE challenge\n * @throws Error if code is invalid or expired\n */\nexport function decodeAuthCode(code: string): AuthCodePayload {\n  const payload = JSON.parse(decrypt(code));\n\n  if (payload.exp && Date.now() > payload.exp) {\n    throw new Error('Authorization code expired');\n  }\n\n  const { orgId, apiToken, userId, codeChallenge, codeChallengeMethod } = payload;\n\n  if (!orgId || !apiToken) {\n    throw new Error('Invalid authorization code: missing credentials');\n  }\n\n  return { orgId, apiToken, userId, codeChallenge, codeChallengeMethod };\n}\n"],"mappings":";;;;;;;;;AAUA,IAAM,YAAY;AAClB,IAAM,YAAY;AAClB,IAAM,kBAAkB;AACxB,IAAM,cAAc;;;;AAKpB,SAAS,UAAU,UAAkB,MAAsB;CACzD,OAAO,WAAW,UAAU,MAAM,EAAE;AACtC;;;;;AAMA,SAAgB,YAAoB;CAClC,MAAM,SAAS,QAAQ,IAAI;CAC3B,IAAI,CAAC,QAAQ;EACX,QAAQ,KACN,sFACF;EACA,OAAO;CACT;CACA,OAAO;AACT;;;;;;;;;;AAWA,SAAgB,QAAQ,WAAmB,SAAiB,UAAU,GAAW;CAC/E,MAAM,OAAO,YAAY,WAAW;CACpC,MAAM,MAAM,UAAU,QAAQ,IAAI;CAClC,MAAM,KAAK,YAAY,SAAS;CAEhC,MAAM,SAAS,eAAe,WAAW,KAAK,EAAE;CAChD,MAAM,YAAY,OAAO,OAAO,CAAC,OAAO,OAAO,WAAW,MAAM,GAAG,OAAO,MAAM,CAAC,CAAC;CAClF,MAAM,UAAU,OAAO,WAAW;CAKlC,OAFiB,OAAO,OAAO;EAAC;EAAM;EAAI;EAAS;CAAS,CAErD,EAAS,SAAS,WAAW;AACtC;;;;;;;;;AAUA,SAAgB,QAAQ,YAAoB,SAAiB,UAAU,GAAW;CAChF,IAAI;EACF,MAAM,WAAW,OAAO,KAAK,YAAY,WAAW;EAGpD,MAAM,OAAO,SAAS,SAAS,GAAG,WAAW;EAC7C,MAAM,KAAK,SAAS,SAAS,aAAa,EAAuB;EACjE,MAAM,UAAU,SAAS,SACvB,IACA,EACF;EACA,MAAM,YAAY,SAAS,SAAS,EAAyC;EAI7E,MAAM,WAAW,iBAAiB,WAFtB,UAAU,QAAQ,IAEe,GAAK,IAAI,EAAE,eAAe,gBAAgB,CAAC;EACxF,SAAS,WAAW,OAAO;EAI3B,OAFkB,OAAO,OAAO,CAAC,SAAS,OAAO,SAAS,GAAG,SAAS,MAAM,CAAC,CAEtE,EAAU,SAAS,MAAM;CAClC,QAAQ;EACN,MAAM,IAAI,MAAM,4CAA4C;CAC9D;AACF;;;;;;;;AAoBA,SAAgB,eACd,aACA,mBAA2B,KACnB;CACR,MAAM,UAAU;EACd,GAAG;EACH,KAAK,KAAK,IAAI,IAAI,mBAAmB;CACvC;CACA,OAAO,QAAQ,KAAK,UAAU,OAAO,CAAC;AACxC;;;;;;;;AASA,SAAgB,eAAe,MAA+B;CAC5D,MAAM,UAAU,KAAK,MAAM,QAAQ,IAAI,CAAC;CAExC,IAAI,QAAQ,OAAO,KAAK,IAAI,IAAI,QAAQ,KACtC,MAAM,IAAI,MAAM,4BAA4B;CAG9C,MAAM,EAAE,OAAO,UAAU,QAAQ,eAAe,wBAAwB;CAExE,IAAI,CAAC,SAAS,CAAC,UACb,MAAM,IAAI,MAAM,iDAAiD;CAGnE,OAAO;EAAE;EAAO;EAAU;EAAQ;EAAe;CAAoB;AACvE"}

package/dist/errors.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;;;;GAKG;AACH,qBAAa,cAAe,SAAQ,KAAK;IACvC,SAAgB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IAEjC,YAAY,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,EAAE,EAI5C;IAED;;OAEG;IACH,kBAAkB,IAAI,MAAM,CAM3B;CACF;AAED;;GAEG;AACH,eAAO,MAAM,aAAa;;;;;;;;;;;;;CAuGhB,CAAC;AAEX;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,cAAc,CAExE"}
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;;;;GAKG;AACH,qBAAa,cAAe,SAAQ,KAAK;IACvC,SAAgB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IAEjC,YAAY,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,EAAE,EAI5C;IAED;;OAEG;IACH,kBAAkB,IAAI,MAAM,CAM3B;CACF;AAED;;GAEG;AACH,eAAO,MAAM,aAAa;aAExB,SAAS,WAAW,MAAM;aAM1B,qBAAqB,aAAa,MAAM,UAAU,MAAM,EAAE;aAU1D,aAAa,WAAW,MAAM,YAAY,MAAM,gBAAgB,MAAM,EAAE;aAOxE,eAAe,aAAa,MAAM,kBAAkB,MAAM,EAAE;aAO5D,iBAAiB;aAMjB,iBAAiB,eAAe,MAAM,cAAc,MAAM,EAAE;aAO5D,sBAAsB;aAOtB,kBAAkB;aAOlB,oBAAoB;aAOpB,oBAAoB;aAOpB,uBAAuB,kBAAkB,MAAM,EAAE;aAOjD,QAAQ,eAAe,MAAM,WAAW,MAAM;CAuBtC,CAAC;AAEX;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,cAAc,CAExE"}

package/dist/handlers/activities.d.ts

@@ -20,103 +20,7 @@ export interface ActivityArgs extends CommonArgs {
  * Supports: list
  */
 export declare const handleActivities: (action: string, args: ActivityArgs & {
-    query?: string | undefined;
-    type?: import("@studiometa/productive-core").ResolvableResourceType | undefined;
-}, ctx: import("./types.js").HandlerContext) => Promise<{
-    [x: string]: unknown;
-    _meta?: {
-        [x: string]: unknown;
-        progressToken?: string | number | undefined;
-        "io.modelcontextprotocol/related-task"?: {
-            taskId: string;
-        } | undefined;
-    } | undefined;
-    content: ({
-        type: "text";
-        text: string;
-        annotations?: {
-            audience?: ("assistant" | "user")[] | undefined;
-            priority?: number | undefined;
-            lastModified?: string | undefined;
-        } | undefined;
-        _meta?: {
-            [x: string]: unknown;
-        } | undefined;
-    } | {
-        type: "image";
-        data: string;
-        mimeType: string;
-        annotations?: {
-            audience?: ("assistant" | "user")[] | undefined;
-            priority?: number | undefined;
-            lastModified?: string | undefined;
-        } | undefined;
-        _meta?: {
-            [x: string]: unknown;
-        } | undefined;
-    } | {
-        type: "audio";
-        data: string;
-        mimeType: string;
-        annotations?: {
-            audience?: ("assistant" | "user")[] | undefined;
-            priority?: number | undefined;
-            lastModified?: string | undefined;
-        } | undefined;
-        _meta?: {
-            [x: string]: unknown;
-        } | undefined;
-    } | {
-        uri: string;
-        description?: string | undefined;
-        mimeType?: string | undefined;
-        size?: number | undefined;
-        annotations?: {
-            audience?: ("assistant" | "user")[] | undefined;
-            priority?: number | undefined;
-            lastModified?: string | undefined;
-        } | undefined;
-        _meta?: {
-            [x: string]: unknown;
-        } | undefined;
-        icons?: {
-            src: string;
-            mimeType?: string | undefined;
-            sizes?: string[] | undefined;
-            theme?: "dark" | "light" | undefined;
-        }[] | undefined;
-        name: string;
-        title?: string | undefined;
-        type: "resource_link";
-    } | {
-        type: "resource";
-        resource: {
-            uri: string;
-            mimeType?: string | undefined;
-            _meta?: {
-                [x: string]: unknown;
-            } | undefined;
-            text: string;
-        } | {
-            uri: string;
-            mimeType?: string | undefined;
-            _meta?: {
-                [x: string]: unknown;
-            } | undefined;
-            blob: string;
-        };
-        annotations?: {
-            audience?: ("assistant" | "user")[] | undefined;
-            priority?: number | undefined;
-            lastModified?: string | undefined;
-        } | undefined;
-        _meta?: {
-            [x: string]: unknown;
-        } | undefined;
-    })[];
-    structuredContent?: {
-        [x: string]: unknown;
-    } | undefined;
-    isError?: boolean | undefined;
-}>;
+    query?: string;
+    type?: import("@studiometa/productive-core").ResolvableResourceType;
+}, ctx: import("./types.js").HandlerContext) => Promise<import("./types.js").ToolResult>;
 //# sourceMappingURL=activities.d.ts.map

package/dist/handlers/activities.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"activities.d.ts","sourceRoot":"","sources":["../../src/handlers/activities.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAK7C;;GAEG;AACH,MAAM,WAAW,YAAa,SAAQ,UAAU;IAC9C,wDAAwD;IACxD,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,qDAAqD;IACrD,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;;GAIG;AACH,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAc3B,CAAC"}
+{"version":3,"file":"activities.d.ts","sourceRoot":"","sources":["../../src/handlers/activities.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAK7C;;GAEG;AACH,MAAM,WAAW,YAAa,SAAQ,UAAU;IAC9C,wDAAwD;IACxD,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,qDAAqD;IACrD,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;;GAIG;AACH,eAAO,MAAM,gBAAgB;;;wFAc3B,CAAC"}

package/dist/handlers/api-read.d.ts

@@ -0,0 +1,14 @@
+import type { HandlerContext, ToolResult } from './types.js';
+export interface ApiReadArgs {
+    path: string;
+    describe?: boolean;
+    filter?: Record<string, unknown>;
+    include?: string[];
+    sort?: string[];
+    page?: number;
+    per_page?: number;
+    paginate?: boolean;
+    max_pages?: number;
+}
+export declare function handleApiRead(args: ApiReadArgs, ctx: HandlerContext): Promise<ToolResult>;
+//# sourceMappingURL=api-read.d.ts.map

package/dist/handlers/api-read.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api-read.d.ts","sourceRoot":"","sources":["../../src/handlers/api-read.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAa7D,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACjC,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,wBAAsB,aAAa,CAAC,IAAI,EAAE,WAAW,EAAE,GAAG,EAAE,cAAc,GAAG,OAAO,CAAC,UAAU,CAAC,CA0B/F"}

package/dist/handlers/api-utils.d.ts

@@ -0,0 +1,27 @@
+import type { ApiEndpointSpec, ApiMethodSpec } from '../api-reference/types.js';
+export declare const MAX_PER_PAGE = 200;
+export declare const DEFAULT_MAX_PAGES = 20;
+export declare const MAX_MAX_PAGES = 50;
+export interface ResolvedApiEndpoint {
+    spec: ApiEndpointSpec;
+    methodSpec: ApiMethodSpec;
+    normalizedPath: string;
+}
+export declare function normalizeApiPath(path: string): string;
+export declare function resolveApiEndpoint(path: string, method: keyof ApiEndpointSpec['methods']): ResolvedApiEndpoint;
+export declare function serializeFilter(filter?: Record<string, unknown>): Record<string, string>;
+export declare function buildApiReadQuery(args: {
+    filter?: Record<string, unknown>;
+    include?: string[];
+    sort?: string[];
+    page?: number;
+    per_page?: number;
+}): Record<string, string>;
+export declare function validatePagination(args: {
+    per_page?: number;
+    max_pages?: number;
+}): void;
+export declare function validateFilterSpec(filter: Record<string, unknown> | undefined, methodSpec: ApiMethodSpec): void;
+export declare function validateSort(sort: string[] | undefined, methodSpec: ApiMethodSpec): void;
+export declare function describeApiEndpoint(path: string): Record<string, unknown>;
+//# sourceMappingURL=api-utils.d.ts.map

package/dist/handlers/api-utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api-utils.d.ts","sourceRoot":"","sources":["../../src/handlers/api-utils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAKhF,eAAO,MAAM,YAAY,MAAM,CAAC;AAChC,eAAO,MAAM,iBAAiB,KAAK,CAAC;AACpC,eAAO,MAAM,aAAa,KAAK,CAAC;AAEhC,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,eAAe,CAAC;IACtB,UAAU,EAAE,aAAa,CAAC;IAC1B,cAAc,EAAE,MAAM,CAAC;CACxB;AAMD,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAerD;AAED,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,eAAe,CAAC,SAAS,CAAC,GACvC,mBAAmB,CAgBrB;AAwBD,wBAAgB,eAAe,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CASxF;AAED,wBAAgB,iBAAiB,CAAC,IAAI,EAAE;IACtC,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACjC,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CASzB;AAED,wBAAgB,kBAAkB,CAAC,IAAI,EAAE;IAAE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAAC,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAQxF;AAwCD,wBAAgB,kBAAkB,CAChC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,SAAS,EAC3C,UAAU,EAAE,aAAa,GACxB,IAAI,CAIN;AAED,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,SAAS,EAAE,UAAU,EAAE,aAAa,GAAG,IAAI,CAYxF;AA+CD,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAmCzE"}

package/dist/handlers/api-write.d.ts

@@ -0,0 +1,10 @@
+import type { HandlerContext, ToolResult } from './types.js';
+export interface ApiWriteArgs {
+    method: 'POST' | 'PATCH' | 'PUT' | 'DELETE';
+    path: string;
+    body?: unknown;
+    confirm?: boolean;
+    dry_run?: boolean;
+}
+export declare function handleApiWrite(args: ApiWriteArgs, ctx: HandlerContext): Promise<ToolResult>;
+//# sourceMappingURL=api-write.d.ts.map

package/dist/handlers/api-write.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api-write.d.ts","sourceRoot":"","sources":["../../src/handlers/api-write.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAM7D,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,MAAM,GAAG,OAAO,GAAG,KAAK,GAAG,QAAQ,CAAC;IAC5C,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED,wBAAsB,cAAc,CAAC,IAAI,EAAE,YAAY,EAAE,GAAG,EAAE,cAAc,GAAG,OAAO,CAAC,UAAU,CAAC,CAoCjG"}

package/dist/handlers/attachments.d.ts

@@ -3,103 +3,7 @@
  */
 import type { AttachmentArgs } from './types.js';
 export declare const handleAttachments: (action: string, args: AttachmentArgs & {
-    query?: string | undefined;
-    type?: import("@studiometa/productive-core").ResolvableResourceType | undefined;
-}, ctx: import("./types.js").HandlerContext) => Promise<{
-    [x: string]: unknown;
-    _meta?: {
-        [x: string]: unknown;
-        progressToken?: string | number | undefined;
-        "io.modelcontextprotocol/related-task"?: {
-            taskId: string;
-        } | undefined;
-    } | undefined;
-    content: ({
-        type: "text";
-        text: string;
-        annotations?: {
-            audience?: ("assistant" | "user")[] | undefined;
-            priority?: number | undefined;
-            lastModified?: string | undefined;
-        } | undefined;
-        _meta?: {
-            [x: string]: unknown;
-        } | undefined;
-    } | {
-        type: "image";
-        data: string;
-        mimeType: string;
-        annotations?: {
-            audience?: ("assistant" | "user")[] | undefined;
-            priority?: number | undefined;
-            lastModified?: string | undefined;
-        } | undefined;
-        _meta?: {
-            [x: string]: unknown;
-        } | undefined;
-    } | {
-        type: "audio";
-        data: string;
-        mimeType: string;
-        annotations?: {
-            audience?: ("assistant" | "user")[] | undefined;
-            priority?: number | undefined;
-            lastModified?: string | undefined;
-        } | undefined;
-        _meta?: {
-            [x: string]: unknown;
-        } | undefined;
-    } | {
-        uri: string;
-        description?: string | undefined;
-        mimeType?: string | undefined;
-        size?: number | undefined;
-        annotations?: {
-            audience?: ("assistant" | "user")[] | undefined;
-            priority?: number | undefined;
-            lastModified?: string | undefined;
-        } | undefined;
-        _meta?: {
-            [x: string]: unknown;
-        } | undefined;
-        icons?: {
-            src: string;
-            mimeType?: string | undefined;
-            sizes?: string[] | undefined;
-            theme?: "dark" | "light" | undefined;
-        }[] | undefined;
-        name: string;
-        title?: string | undefined;
-        type: "resource_link";
-    } | {
-        type: "resource";
-        resource: {
-            uri: string;
-            mimeType?: string | undefined;
-            _meta?: {
-                [x: string]: unknown;
-            } | undefined;
-            text: string;
-        } | {
-            uri: string;
-            mimeType?: string | undefined;
-            _meta?: {
-                [x: string]: unknown;
-            } | undefined;
-            blob: string;
-        };
-        annotations?: {
-            audience?: ("assistant" | "user")[] | undefined;
-            priority?: number | undefined;
-            lastModified?: string | undefined;
-        } | undefined;
-        _meta?: {
-            [x: string]: unknown;
-        } | undefined;
-    })[];
-    structuredContent?: {
-        [x: string]: unknown;
-    } | undefined;
-    isError?: boolean | undefined;
-}>;
+    query?: string;
+    type?: import("@studiometa/productive-core").ResolvableResourceType;
+}, ctx: import("./types.js").HandlerContext) => Promise<import("./types.js").ToolResult>;
 //# sourceMappingURL=attachments.d.ts.map

package/dist/handlers/attachments.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"attachments.d.ts","sourceRoot":"","sources":["../../src/handlers/attachments.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAMjD,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAoB5B,CAAC"}
+{"version":3,"file":"attachments.d.ts","sourceRoot":"","sources":["../../src/handlers/attachments.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAMjD,eAAO,MAAM,iBAAiB;;;wFAoB5B,CAAC"}

package/dist/handlers/bookings.d.ts

@@ -3,103 +3,7 @@
  */
 import type { BookingArgs } from './types.js';
 export declare const handleBookings: (action: string, args: BookingArgs & {
-    query?: string | undefined;
-    type?: import("@studiometa/productive-core").ResolvableResourceType | undefined;
-}, ctx: import("./types.js").HandlerContext) => Promise<{
-    [x: string]: unknown;
-    _meta?: {
-        [x: string]: unknown;
-        progressToken?: string | number | undefined;
-        "io.modelcontextprotocol/related-task"?: {
-            taskId: string;
-        } | undefined;
-    } | undefined;
-    content: ({
-        type: "text";
-        text: string;
-        annotations?: {
-            audience?: ("assistant" | "user")[] | undefined;
-            priority?: number | undefined;
-            lastModified?: string | undefined;
-        } | undefined;
-        _meta?: {
-            [x: string]: unknown;
-        } | undefined;
-    } | {
-        type: "image";
-        data: string;
-        mimeType: string;
-        annotations?: {
-            audience?: ("assistant" | "user")[] | undefined;
-            priority?: number | undefined;
-            lastModified?: string | undefined;
-        } | undefined;
-        _meta?: {
-            [x: string]: unknown;
-        } | undefined;
-    } | {
-        type: "audio";
-        data: string;
-        mimeType: string;
-        annotations?: {
-            audience?: ("assistant" | "user")[] | undefined;
-            priority?: number | undefined;
-            lastModified?: string | undefined;
-        } | undefined;
-        _meta?: {
-            [x: string]: unknown;
-        } | undefined;
-    } | {
-        uri: string;
-        description?: string | undefined;
-        mimeType?: string | undefined;
-        size?: number | undefined;
-        annotations?: {
-            audience?: ("assistant" | "user")[] | undefined;
-            priority?: number | undefined;
-            lastModified?: string | undefined;
-        } | undefined;
-        _meta?: {
-            [x: string]: unknown;
-        } | undefined;
-        icons?: {
-            src: string;
-            mimeType?: string | undefined;
-            sizes?: string[] | undefined;
-            theme?: "dark" | "light" | undefined;
-        }[] | undefined;
-        name: string;
-        title?: string | undefined;
-        type: "resource_link";
-    } | {
-        type: "resource";
-        resource: {
-            uri: string;
-            mimeType?: string | undefined;
-            _meta?: {
-                [x: string]: unknown;
-            } | undefined;
-            text: string;
-        } | {
-            uri: string;
-            mimeType?: string | undefined;
-            _meta?: {
-                [x: string]: unknown;
-            } | undefined;
-            blob: string;
-        };
-        annotations?: {
-            audience?: ("assistant" | "user")[] | undefined;
-            priority?: number | undefined;
-            lastModified?: string | undefined;
-        } | undefined;
-        _meta?: {
-            [x: string]: unknown;
-        } | undefined;
-    })[];
-    structuredContent?: {
-        [x: string]: unknown;
-    } | undefined;
-    isError?: boolean | undefined;
-}>;
+    query?: string;
+    type?: import("@studiometa/productive-core").ResolvableResourceType;
+}, ctx: import("./types.js").HandlerContext) => Promise<import("./types.js").ToolResult>;
 //# sourceMappingURL=bookings.d.ts.map

package/dist/handlers/bookings.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"bookings.d.ts","sourceRoot":"","sources":["../../src/handlers/bookings.ts"],"names":[],"mappings":"AAAA;;GAEG;AASH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAQ9C,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA6CzB,CAAC"}
+{"version":3,"file":"bookings.d.ts","sourceRoot":"","sources":["../../src/handlers/bookings.ts"],"names":[],"mappings":"AAAA;;GAEG;AASH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAQ9C,eAAO,MAAM,cAAc;;;wFA6CzB,CAAC"}