@studiometa/productive-mcp 0.4.6 → 0.6.0

package/Dockerfile

@@ -18,6 +18,10 @@ ENV NODE_ENV=production
 ENV PORT=3000
 ENV HOST=0.0.0.0
 
+# Create non-root user for security
+RUN addgroup -g 1001 -S nodejs && \
+    adduser -S nodejs -u 1001 -G nodejs
+
 # Expose port
 EXPOSE 3000
 
@@ -25,5 +29,8 @@ EXPOSE 3000
 HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
   CMD wget --no-verbose --tries=1 --spider http://localhost:3000/health || exit 1
 
+# Switch to non-root user
+USER nodejs
+
 # Run the HTTP server
 CMD ["productive-mcp-server"]

package/README.md

@@ -13,15 +13,16 @@ MCP (Model Context Protocol) server for [Productive.io](https://productive.io) A
 - 🔑 **OAuth 2.0 support** for Claude Desktop custom connectors
 - 🌐 Deploy once, share with your team via Claude Desktop custom connectors
 - 🐳 Docker-ready for easy deployment
+- ⚡ **Token-optimized** - Single tool design minimizes context usage (~180 tokens)
 - 📦 Built on [@studiometa/productive-cli](../productive-cli)
 
 ## Usage Modes
 
 This package supports two modes:
 
-| Mode | Command | Use Case |
-|------|---------|----------|
-| **Local (stdio)** | `productive-mcp` | Personal use via Claude Desktop config |
+| Mode              | Command                 | Use Case                                     |
+| ----------------- | ----------------------- | -------------------------------------------- |
+| **Local (stdio)** | `productive-mcp`        | Personal use via Claude Desktop config       |
 | **Remote (HTTP)** | `productive-mcp-server` | Team use via Claude Desktop custom connector |
 
 ---
@@ -39,6 +40,7 @@ npm install -g @studiometa/productive-mcp
 ### Claude Desktop Configuration
 
 Edit your Claude Desktop config:
+
 - **macOS**: `~/Library/Application Support/Claude/claude_desktop_config.json`
 - **Windows**: `%APPDATA%/Claude/claude_desktop_config.json`
 - **Linux**: `~/.config/Claude/claude_desktop_config.json`
@@ -130,22 +132,23 @@ services:
       dockerfile: packages/productive-mcp/Dockerfile
     restart: unless-stopped
     ports:
-      - "3000:3000"
+      - '3000:3000'
     environment:
       PORT: 3000
       HOST: 0.0.0.0
-      OAUTH_SECRET: "your-random-secret-here"  # Required for production!
+      OAUTH_SECRET: 'your-random-secret-here' # Required for production!
 ```
 
 ### Environment Variables
 
-| Variable | Required | Description |
-|----------|----------|-------------|
-| `PORT` | No | Server port (default: 3000) |
-| `HOST` | No | Bind address (default: 0.0.0.0) |
+| Variable       | Required             | Description                            |
+| -------------- | -------------------- | -------------------------------------- |
+| `PORT`         | No                   | Server port (default: 3000)            |
+| `HOST`         | No                   | Bind address (default: 0.0.0.0)        |
 | `OAUTH_SECRET` | **Yes (production)** | Secret key for encrypting OAuth tokens |
 
 > ⚠️ **Important**: Always set `OAUTH_SECRET` in production. Generate a random secret:
+>
 > ```bash
 > openssl rand -base64 32
 > ```
@@ -173,6 +176,7 @@ echo -n "YOUR_ORG_ID:YOUR_API_TOKEN:YOUR_USER_ID" | base64
 ```
 
 Example:
+
 ```bash
 echo -n "12345:pk_abc123xyz:67890" | base64
 # Output: MTIzNDU6cGtfYWJjMTIzeHl6OjY3ODkw
@@ -180,56 +184,89 @@ echo -n "12345:pk_abc123xyz:67890" | base64
 
 ### Server Endpoints
 
-| Endpoint | Method | Description |
-|----------|--------|-------------|
-| `/mcp` | POST | MCP JSON-RPC endpoint |
-| `/health` | GET | Health check |
-| `/` | GET | Server info |
-| `/authorize` | GET | OAuth authorization (login form) |
-| `/authorize` | POST | OAuth authorization (process login) |
-| `/token` | POST | OAuth token exchange |
-| `/.well-known/oauth-authorization-server` | GET | OAuth metadata |
+| Endpoint                                  | Method | Description                         |
+| ----------------------------------------- | ------ | ----------------------------------- |
+| `/mcp`                                    | POST   | MCP JSON-RPC endpoint               |
+| `/health`                                 | GET    | Health check                        |
+| `/`                                       | GET    | Server info                         |
+| `/authorize`                              | GET    | OAuth authorization (login form)    |
+| `/authorize`                              | POST   | OAuth authorization (process login) |
+| `/token`                                  | POST   | OAuth token exchange                |
+| `/.well-known/oauth-authorization-server` | GET    | OAuth metadata                      |
 
 ---
 
-## Available Tools
+## The `productive` Tool
 
-### Projects
-- `productive_list_projects` - List projects with optional filters
-- `productive_get_project` - Get project details by ID
+The MCP server exposes a single unified tool optimized for minimal token usage:
 
-### Tasks
-- `productive_list_tasks` - List tasks with optional filters
-- `productive_get_task` - Get task details by ID
+```
+productive(resource, action, ...)
+```
 
-### Time Entries
-- `productive_list_time_entries` - List time entries with filters
-- `productive_get_time_entry` - Get time entry details by ID
-- `productive_create_time_entry` - Create a new time entry
-- `productive_update_time_entry` - Update an existing time entry
-- `productive_delete_time_entry` - Delete a time entry
+### Resources & Actions
 
-### Services
-- `productive_list_services` - List services (budget line items)
+| Resource   | Actions                                     | Description        |
+| ---------- | ------------------------------------------- | ------------------ |
+| `projects` | `list`, `get`                               | Project management |
+| `time`     | `list`, `get`, `create`, `update`, `delete` | Time tracking      |
+| `tasks`    | `list`, `get`                               | Task management    |
+| `services` | `list`                                      | Budget line items  |
+| `people`   | `list`, `get`, `me`                         | Team members       |
 
-### People
-- `productive_list_people` - List people in the organization
-- `productive_get_person` - Get person details by ID
-- `productive_get_current_user` - Get current authenticated user
+### Parameters
 
-### Configuration (Local mode only)
-- `productive_configure` - Configure credentials
-- `productive_get_config` - View current configuration
+| Parameter    | Type    | Description                                                             |
+| ------------ | ------- | ----------------------------------------------------------------------- |
+| `resource`   | string  | **Required**. One of: `projects`, `time`, `tasks`, `services`, `people` |
+| `action`     | string  | **Required**. Action to perform (see table above)                       |
+| `id`         | string  | Resource ID (required for `get`, `update`, `delete`)                    |
+| `filter`     | object  | Filter criteria for `list` actions                                      |
+| `page`       | number  | Page number for pagination                                              |
+| `per_page`   | number  | Items per page (default: 20, max: 200)                                  |
+| `compact`    | boolean | Compact output mode (default: true)                                     |
+| `person_id`  | string  | Person ID (for time entry creation)                                     |
+| `service_id` | string  | Service ID (for time entry creation)                                    |
+| `time`       | number  | Time in minutes (for time entries)                                      |
+| `date`       | string  | Date in YYYY-MM-DD format                                               |
+| `note`       | string  | Note/description                                                        |
 
----
+### Filter Options
 
-## Get Your Productive.io Credentials
+#### Projects
 
-1. Log into [Productive.io](https://productive.io)
-2. Go to **Settings → Integrations → API**
-3. Generate an API token
-4. Note your Organization ID (visible in URL or API settings)
-5. Note your User ID (click your profile, visible in URL)
+- `company_id` - Filter by company
+- `project_manager_id` - Filter by project manager
+
+#### Time Entries
+
+- `person_id` - Filter by person
+- `project_id` - Filter by project
+- `service_id` - Filter by service
+- `after` - After date (YYYY-MM-DD)
+- `before` - Before date (YYYY-MM-DD)
+
+#### Tasks
+
+- `project_id` - Filter by project
+- `assignee_id` - Filter by assignee
+- `task_list_id` - Filter by task list
+
+#### Services
+
+- `project_id` - Filter by project
+- `deal_id` - Filter by deal
+
+#### People
+
+- `archived` - Include archived (boolean)
+
+### Configuration Tools (Local mode only)
+
+| Tool                    | Description                                              |
+| ----------------------- | -------------------------------------------------------- |
+| `productive_configure`  | Configure credentials (organizationId, apiToken, userId) |
+| `productive_get_config` | View current configuration (token masked)                |
 
 ---
 
@@ -242,13 +279,57 @@ You: "Configure my Productive.io credentials"
 Claude: "I'll help you set up. Please provide your Organization ID and API Token..."
 ```
 
-### Common Queries
+### List Projects
+
+```
+You: "Show me all projects"
+Claude uses: productive(resource="projects", action="list")
+```
 
-- "Show me all active projects in Productive"
-- "Create a time entry for 2 hours today on project X"
-- "List all tasks assigned to me"
-- "What did I work on last week?"
-- "Show me the services/budgets for project 12345"
+### Get Project Details
+
+```
+You: "Get details for project 12345"
+Claude uses: productive(resource="projects", action="get", id="12345")
+```
+
+### Create Time Entry
+
+```
+You: "Log 2 hours today on service 456"
+Claude uses: productive(resource="time", action="create", person_id="...", service_id="456", time=120, date="2024-01-15")
+```
+
+### List My Time Entries
+
+```
+You: "What did I work on last week?"
+Claude uses: productive(resource="time", action="list", filter={person_id: "...", after: "2024-01-08", before: "2024-01-14"})
+```
+
+### Get Current User
+
+```
+You: "Who am I logged in as?"
+Claude uses: productive(resource="people", action="me")
+```
+
+### List Tasks for a Project
+
+```
+You: "Show tasks for project 789"
+Claude uses: productive(resource="tasks", action="list", filter={project_id: "789"})
+```
+
+---
+
+## Get Your Productive.io Credentials
+
+1. Log into [Productive.io](https://productive.io)
+2. Go to **Settings → Integrations → API**
+3. Generate an API token
+4. Note your Organization ID (visible in URL or API settings)
+5. Note your User ID (click your profile, visible in URL)
 
 ---
 
@@ -256,8 +337,8 @@ Claude: "I'll help you set up. Please provide your Organization ID and API Token
 
 ```bash
 # Clone the repository
-git clone https://github.com/studiometa/productive-cli
-cd productive-cli
+git clone https://github.com/studiometa/productive-tools
+cd productive-tools
 
 # Install dependencies
 npm install
@@ -271,6 +352,9 @@ npm run build -w @studiometa/productive-mcp
 # Development mode (watch)
 npm run dev -w @studiometa/productive-mcp
 
+# Run tests
+npm test -w @studiometa/productive-mcp
+
 # Test local server
 node packages/productive-mcp/dist/index.js
 
@@ -290,7 +374,7 @@ TOKEN=$(echo -n "YOUR_ORG_ID:YOUR_API_TOKEN:YOUR_USER_ID" | base64)
 # Test health endpoint
 curl http://localhost:3000/health
 
-# Test MCP endpoint
+# Test MCP endpoint - list tools
 curl -X POST http://localhost:3000/mcp \
   -H "Authorization: Bearer $TOKEN" \
   -H "Content-Type: application/json" \
@@ -300,7 +384,13 @@ curl -X POST http://localhost:3000/mcp \
 curl -X POST http://localhost:3000/mcp \
   -H "Authorization: Bearer $TOKEN" \
   -H "Content-Type: application/json" \
-  -d '{"jsonrpc":"2.0","method":"tools/call","params":{"name":"productive_list_projects","arguments":{}},"id":2}'
+  -d '{"jsonrpc":"2.0","method":"tools/call","params":{"name":"productive","arguments":{"resource":"projects","action":"list"}},"id":2}'
+
+# Get a specific project
+curl -X POST http://localhost:3000/mcp \
+  -H "Authorization: Bearer $TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{"jsonrpc":"2.0","method":"tools/call","params":{"name":"productive","arguments":{"resource":"projects","action":"get","id":"12345"}},"id":3}'
 ```
 
 ---
@@ -353,13 +443,22 @@ productive-mcp/
 │   ├── http.ts       # HTTP routes and MCP endpoint
 │   ├── oauth.ts      # OAuth 2.0 endpoints
 │   ├── crypto.ts     # Encryption for stateless OAuth tokens
-│   ├── tools.ts      # Tool definitions (shared)
-│   ├── handlers.ts   # Tool execution (shared)
+│   ├── tools.ts      # Tool definitions (single unified tool)
+│   ├── handlers.ts   # Tool execution logic
+│   ├── formatters.ts # Response formatting with compact mode
 │   └── auth.ts       # Bearer token parsing
 ├── Dockerfile
 └── README.md
 ```
 
+### Token Optimization
+
+The server uses a single unified `productive` tool instead of multiple individual tools. This reduces the tool schema from ~1300 tokens to ~180 tokens (86% reduction), which:
+
+- Reduces context window usage
+- Minimizes compaction frequency
+- Improves response times
+
 ### OAuth Flow (Stateless)
 
 The OAuth implementation is **stateless** - no database or session storage required:
@@ -386,8 +485,8 @@ MIT © [Studio Meta](https://www.studiometa.fr)
 
 ## Links
 
-- [GitHub Repository](https://github.com/studiometa/productive-cli)
+- [GitHub Repository](https://github.com/studiometa/productive-tools)
 - [Productive.io API Docs](https://developer.productive.io)
 - [MCP Documentation](https://modelcontextprotocol.io)
 - [Claude Desktop Custom Connectors](https://docs.anthropic.com)
-- [Issues](https://github.com/studiometa/productive-cli/issues)
+- [Issues](https://github.com/studiometa/productive-tools/issues)

package/dist/auth.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,WAAW,qBAAqB;IACpC,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;;;;;GAMG;AACH,wBAAgB,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,GAAG,qBAAqB,GAAG,IAAI,CAkCnG;AAED;;;;;;GAMG;AACH,wBAAgB,eAAe,CAAC,WAAW,EAAE,qBAAqB,GAAG,MAAM,CAM1E"}
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,WAAW,qBAAqB;IACpC,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;;;;;GAMG;AACH,wBAAgB,eAAe,CAC7B,UAAU,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI,GACpC,qBAAqB,GAAG,IAAI,CAkC9B;AAED;;;;;;GAMG;AACH,wBAAgB,eAAe,CAAC,WAAW,EAAE,qBAAqB,GAAG,MAAM,CAM1E"}

package/dist/auth.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth.js","sources":["../src/auth.ts"],"sourcesContent":["/**\n * Authentication utilities for Productive MCP server\n */\n\nexport interface ProductiveCredentials {\n  organizationId: string;\n  apiToken: string;\n  userId?: string;\n}\n\n/**\n * Parse Bearer token containing Productive credentials\n * Token format: base64(organizationId:apiToken) or base64(organizationId:apiToken:userId)\n *\n * @param authHeader - Authorization header value (e.g., \"Bearer base64...\")\n * @returns Parsed credentials or null if invalid\n */\nexport function parseAuthHeader(authHeader: string | undefined | null): ProductiveCredentials | null {\n  if (!authHeader) {\n    return null;\n  }\n\n  const match = authHeader.match(/^Bearer\\s+(.+)$/i);\n  if (!match) {\n    return null;\n  }\n\n  const token = match[1];\n\n  try {\n    const decoded = Buffer.from(token, 'base64').toString('utf-8');\n    const parts = decoded.split(':');\n\n    if (parts.length < 2) {\n      return null;\n    }\n\n    const [organizationId, apiToken, userId] = parts;\n\n    if (!organizationId || !apiToken) {\n      return null;\n    }\n\n    return {\n      organizationId,\n      apiToken,\n      userId: userId || undefined,\n    };\n  } catch {\n    return null;\n  }\n}\n\n/**\n * Create a Bearer token from Productive credentials\n * Useful for documentation and testing\n *\n * @param credentials - Productive credentials\n * @returns Base64 encoded token (without \"Bearer \" prefix)\n */\nexport function createAuthToken(credentials: ProductiveCredentials): string {\n  const parts = [credentials.organizationId, credentials.apiToken];\n  if (credentials.userId) {\n    parts.push(credentials.userId);\n  }\n  return Buffer.from(parts.join(':')).toString('base64');\n}\n"],"names":[],"mappings":"AAiBO,SAAS,gBAAgB,YAAqE;AACnG,MAAI,CAAC,YAAY;AACf,WAAO;AAAA,EACT;AAEA,QAAM,QAAQ,WAAW,MAAM,kBAAkB;AACjD,MAAI,CAAC,OAAO;AACV,WAAO;AAAA,EACT;AAEA,QAAM,QAAQ,MAAM,CAAC;AAErB,MAAI;AACF,UAAM,UAAU,OAAO,KAAK,OAAO,QAAQ,EAAE,SAAS,OAAO;AAC7D,UAAM,QAAQ,QAAQ,MAAM,GAAG;AAE/B,QAAI,MAAM,SAAS,GAAG;AACpB,aAAO;AAAA,IACT;AAEA,UAAM,CAAC,gBAAgB,UAAU,MAAM,IAAI;AAE3C,QAAI,CAAC,kBAAkB,CAAC,UAAU;AAChC,aAAO;AAAA,IACT;AAEA,WAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA,QAAQ,UAAU;AAAA,IAAA;AAAA,EAEtB,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AASO,SAAS,gBAAgB,aAA4C;AAC1E,QAAM,QAAQ,CAAC,YAAY,gBAAgB,YAAY,QAAQ;AAC/D,MAAI,YAAY,QAAQ;AACtB,UAAM,KAAK,YAAY,MAAM;AAAA,EAC/B;AACA,SAAO,OAAO,KAAK,MAAM,KAAK,GAAG,CAAC,EAAE,SAAS,QAAQ;AACvD;"}
+{"version":3,"file":"auth.js","sources":["../src/auth.ts"],"sourcesContent":["/**\n * Authentication utilities for Productive MCP server\n */\n\nexport interface ProductiveCredentials {\n  organizationId: string;\n  apiToken: string;\n  userId?: string;\n}\n\n/**\n * Parse Bearer token containing Productive credentials\n * Token format: base64(organizationId:apiToken) or base64(organizationId:apiToken:userId)\n *\n * @param authHeader - Authorization header value (e.g., \"Bearer base64...\")\n * @returns Parsed credentials or null if invalid\n */\nexport function parseAuthHeader(\n  authHeader: string | undefined | null,\n): ProductiveCredentials | null {\n  if (!authHeader) {\n    return null;\n  }\n\n  const match = authHeader.match(/^Bearer\\s+(.+)$/i);\n  if (!match) {\n    return null;\n  }\n\n  const token = match[1];\n\n  try {\n    const decoded = Buffer.from(token, 'base64').toString('utf-8');\n    const parts = decoded.split(':');\n\n    if (parts.length < 2) {\n      return null;\n    }\n\n    const [organizationId, apiToken, userId] = parts;\n\n    if (!organizationId || !apiToken) {\n      return null;\n    }\n\n    return {\n      organizationId,\n      apiToken,\n      userId: userId || undefined,\n    };\n  } catch {\n    return null;\n  }\n}\n\n/**\n * Create a Bearer token from Productive credentials\n * Useful for documentation and testing\n *\n * @param credentials - Productive credentials\n * @returns Base64 encoded token (without \"Bearer \" prefix)\n */\nexport function createAuthToken(credentials: ProductiveCredentials): string {\n  const parts = [credentials.organizationId, credentials.apiToken];\n  if (credentials.userId) {\n    parts.push(credentials.userId);\n  }\n  return Buffer.from(parts.join(':')).toString('base64');\n}\n"],"names":[],"mappings":"AAiBO,SAAS,gBACd,YAC8B;AAC9B,MAAI,CAAC,YAAY;AACf,WAAO;AAAA,EACT;AAEA,QAAM,QAAQ,WAAW,MAAM,kBAAkB;AACjD,MAAI,CAAC,OAAO;AACV,WAAO;AAAA,EACT;AAEA,QAAM,QAAQ,MAAM,CAAC;AAErB,MAAI;AACF,UAAM,UAAU,OAAO,KAAK,OAAO,QAAQ,EAAE,SAAS,OAAO;AAC7D,UAAM,QAAQ,QAAQ,MAAM,GAAG;AAE/B,QAAI,MAAM,SAAS,GAAG;AACpB,aAAO;AAAA,IACT;AAEA,UAAM,CAAC,gBAAgB,UAAU,MAAM,IAAI;AAE3C,QAAI,CAAC,kBAAkB,CAAC,UAAU;AAChC,aAAO;AAAA,IACT;AAEA,WAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA,QAAQ,UAAU;AAAA,IAAA;AAAA,EAEtB,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AASO,SAAS,gBAAgB,aAA4C;AAC1E,QAAM,QAAQ,CAAC,YAAY,gBAAgB,YAAY,QAAQ;AAC/D,MAAI,YAAY,QAAQ;AACtB,UAAM,KAAK,YAAY,MAAM;AAAA,EAC/B;AACA,SAAO,OAAO,KAAK,MAAM,KAAK,GAAG,CAAC,EAAE,SAAS,QAAQ;AACvD;"}

package/dist/crypto.js

@@ -37,7 +37,7 @@ function decrypt(ciphertext, secret = getSecret()) {
     );
     const encrypted = combined.subarray(SALT_LENGTH + IV_LENGTH + AUTH_TAG_LENGTH);
     const key = deriveKey(secret, salt);
-    const decipher = createDecipheriv(ALGORITHM, key, iv);
+    const decipher = createDecipheriv(ALGORITHM, key, iv, { authTagLength: AUTH_TAG_LENGTH });
     decipher.setAuthTag(authTag);
     const decrypted = Buffer.concat([decipher.update(encrypted), decipher.final()]);
     return decrypted.toString("utf8");

package/dist/crypto.js.map

@@ -1 +1 @@
-{"version":3,"file":"crypto.js","sources":["../src/crypto.ts"],"sourcesContent":["/**\n * Cryptographic utilities for stateless OAuth tokens\n *\n * Uses AES-256-GCM for authenticated encryption.\n * The authorization code contains encrypted credentials that can be\n * decrypted without server-side storage.\n */\n\nimport { createCipheriv, createDecipheriv, randomBytes, scryptSync } from 'node:crypto';\n\nconst ALGORITHM = 'aes-256-gcm';\nconst IV_LENGTH = 12; // GCM recommended IV length\nconst AUTH_TAG_LENGTH = 16;\nconst SALT_LENGTH = 16;\n\n/**\n * Derive a 256-bit key from a password using scrypt\n */\nfunction deriveKey(password: string, salt: Buffer): Buffer {\n  return scryptSync(password, salt, 32);\n}\n\n/**\n * Get the encryption secret from environment or generate a default\n * In production, OAUTH_SECRET should always be set\n */\nexport function getSecret(): string {\n  const secret = process.env.OAUTH_SECRET;\n  if (!secret) {\n    console.warn(\n      'WARNING: OAUTH_SECRET not set. Using default secret. Set OAUTH_SECRET in production!'\n    );\n    return 'productive-mcp-default-secret-change-me';\n  }\n  return secret;\n}\n\n/**\n * Encrypt data using AES-256-GCM\n *\n * Output format: base64(salt + iv + authTag + ciphertext)\n *\n * @param plaintext - Data to encrypt\n * @param secret - Encryption secret (defaults to OAUTH_SECRET env var)\n * @returns Base64-encoded encrypted data\n */\nexport function encrypt(plaintext: string, secret: string = getSecret()): string {\n  const salt = randomBytes(SALT_LENGTH);\n  const key = deriveKey(secret, salt);\n  const iv = randomBytes(IV_LENGTH);\n\n  const cipher = createCipheriv(ALGORITHM, key, iv);\n  const encrypted = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);\n  const authTag = cipher.getAuthTag();\n\n  // Combine: salt + iv + authTag + ciphertext\n  const combined = Buffer.concat([salt, iv, authTag, encrypted]);\n\n  return combined.toString('base64url');\n}\n\n/**\n * Decrypt data encrypted with encrypt()\n *\n * @param ciphertext - Base64-encoded encrypted data\n * @param secret - Encryption secret (defaults to OAUTH_SECRET env var)\n * @returns Decrypted plaintext\n * @throws Error if decryption fails (invalid data or wrong secret)\n */\nexport function decrypt(ciphertext: string, secret: string = getSecret()): string {\n  try {\n    const combined = Buffer.from(ciphertext, 'base64url');\n\n    // Extract components\n    const salt = combined.subarray(0, SALT_LENGTH);\n    const iv = combined.subarray(SALT_LENGTH, SALT_LENGTH + IV_LENGTH);\n    const authTag = combined.subarray(\n      SALT_LENGTH + IV_LENGTH,\n      SALT_LENGTH + IV_LENGTH + AUTH_TAG_LENGTH\n    );\n    const encrypted = combined.subarray(SALT_LENGTH + IV_LENGTH + AUTH_TAG_LENGTH);\n\n    const key = deriveKey(secret, salt);\n\n    const decipher = createDecipheriv(ALGORITHM, key, iv);\n    decipher.setAuthTag(authTag);\n\n    const decrypted = Buffer.concat([decipher.update(encrypted), decipher.final()]);\n\n    return decrypted.toString('utf8');\n  } catch {\n    throw new Error('Decryption failed: invalid token or secret');\n  }\n}\n\n/**\n * Authorization code payload structure\n */\nexport interface AuthCodePayload {\n  orgId: string;\n  apiToken: string;\n  userId?: string;\n  codeChallenge?: string;\n  codeChallengeMethod?: string;\n}\n\n/**\n * Create an encrypted authorization code containing credentials and PKCE challenge\n *\n * @param credentials - Object with orgId, apiToken, userId, and optional PKCE params\n * @param expiresInSeconds - Code expiration time (default: 5 minutes)\n * @returns Encrypted authorization code\n */\nexport function createAuthCode(\n  credentials: AuthCodePayload,\n  expiresInSeconds: number = 300\n): string {\n  const payload = {\n    ...credentials,\n    exp: Date.now() + expiresInSeconds * 1000,\n  };\n  return encrypt(JSON.stringify(payload));\n}\n\n/**\n * Decode and validate an authorization code\n *\n * @param code - Encrypted authorization code\n * @returns Decoded payload with credentials and PKCE challenge\n * @throws Error if code is invalid or expired\n */\nexport function decodeAuthCode(code: string): AuthCodePayload {\n  const payload = JSON.parse(decrypt(code));\n\n  if (payload.exp && Date.now() > payload.exp) {\n    throw new Error('Authorization code expired');\n  }\n\n  const { orgId, apiToken, userId, codeChallenge, codeChallengeMethod } = payload;\n\n  if (!orgId || !apiToken) {\n    throw new Error('Invalid authorization code: missing credentials');\n  }\n\n  return { orgId, apiToken, userId, codeChallenge, codeChallengeMethod };\n}\n"],"names":[],"mappings":";AAUA,MAAM,YAAY;AAClB,MAAM,YAAY;AAClB,MAAM,kBAAkB;AACxB,MAAM,cAAc;AAKpB,SAAS,UAAU,UAAkB,MAAsB;AACzD,SAAO,WAAW,UAAU,MAAM,EAAE;AACtC;AAMO,SAAS,YAAoB;AAClC,QAAM,SAAS,QAAQ,IAAI;AAC3B,MAAI,CAAC,QAAQ;AACX,YAAQ;AAAA,MACN;AAAA,IAAA;AAEF,WAAO;AAAA,EACT;AACA,SAAO;AACT;AAWO,SAAS,QAAQ,WAAmB,SAAiB,aAAqB;AAC/E,QAAM,OAAO,YAAY,WAAW;AACpC,QAAM,MAAM,UAAU,QAAQ,IAAI;AAClC,QAAM,KAAK,YAAY,SAAS;AAEhC,QAAM,SAAS,eAAe,WAAW,KAAK,EAAE;AAChD,QAAM,YAAY,OAAO,OAAO,CAAC,OAAO,OAAO,WAAW,MAAM,GAAG,OAAO,MAAA,CAAO,CAAC;AAClF,QAAM,UAAU,OAAO,WAAA;AAGvB,QAAM,WAAW,OAAO,OAAO,CAAC,MAAM,IAAI,SAAS,SAAS,CAAC;AAE7D,SAAO,SAAS,SAAS,WAAW;AACtC;AAUO,SAAS,QAAQ,YAAoB,SAAiB,aAAqB;AAChF,MAAI;AACF,UAAM,WAAW,OAAO,KAAK,YAAY,WAAW;AAGpD,UAAM,OAAO,SAAS,SAAS,GAAG,WAAW;AAC7C,UAAM,KAAK,SAAS,SAAS,aAAa,cAAc,SAAS;AACjE,UAAM,UAAU,SAAS;AAAA,MACvB,cAAc;AAAA,MACd,cAAc,YAAY;AAAA,IAAA;AAE5B,UAAM,YAAY,SAAS,SAAS,cAAc,YAAY,eAAe;AAE7E,UAAM,MAAM,UAAU,QAAQ,IAAI;AAElC,UAAM,WAAW,iBAAiB,WAAW,KAAK,EAAE;AACpD,aAAS,WAAW,OAAO;AAE3B,UAAM,YAAY,OAAO,OAAO,CAAC,SAAS,OAAO,SAAS,GAAG,SAAS,MAAA,CAAO,CAAC;AAE9E,WAAO,UAAU,SAAS,MAAM;AAAA,EAClC,QAAQ;AACN,UAAM,IAAI,MAAM,4CAA4C;AAAA,EAC9D;AACF;AAoBO,SAAS,eACd,aACA,mBAA2B,KACnB;AACR,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH,KAAK,KAAK,IAAA,IAAQ,mBAAmB;AAAA,EAAA;AAEvC,SAAO,QAAQ,KAAK,UAAU,OAAO,CAAC;AACxC;AASO,SAAS,eAAe,MAA+B;AAC5D,QAAM,UAAU,KAAK,MAAM,QAAQ,IAAI,CAAC;AAExC,MAAI,QAAQ,OAAO,KAAK,IAAA,IAAQ,QAAQ,KAAK;AAC3C,UAAM,IAAI,MAAM,4BAA4B;AAAA,EAC9C;AAEA,QAAM,EAAE,OAAO,UAAU,QAAQ,eAAe,wBAAwB;AAExE,MAAI,CAAC,SAAS,CAAC,UAAU;AACvB,UAAM,IAAI,MAAM,iDAAiD;AAAA,EACnE;AAEA,SAAO,EAAE,OAAO,UAAU,QAAQ,eAAe,oBAAA;AACnD;"}
+{"version":3,"file":"crypto.js","sources":["../src/crypto.ts"],"sourcesContent":["/**\n * Cryptographic utilities for stateless OAuth tokens\n *\n * Uses AES-256-GCM for authenticated encryption.\n * The authorization code contains encrypted credentials that can be\n * decrypted without server-side storage.\n */\n\nimport { createCipheriv, createDecipheriv, randomBytes, scryptSync } from 'node:crypto';\n\nconst ALGORITHM = 'aes-256-gcm';\nconst IV_LENGTH = 12; // GCM recommended IV length\nconst AUTH_TAG_LENGTH = 16;\nconst SALT_LENGTH = 16;\n\n/**\n * Derive a 256-bit key from a password using scrypt\n */\nfunction deriveKey(password: string, salt: Buffer): Buffer {\n  return scryptSync(password, salt, 32);\n}\n\n/**\n * Get the encryption secret from environment or generate a default\n * In production, OAUTH_SECRET should always be set\n */\nexport function getSecret(): string {\n  const secret = process.env.OAUTH_SECRET;\n  if (!secret) {\n    console.warn(\n      'WARNING: OAUTH_SECRET not set. Using default secret. Set OAUTH_SECRET in production!',\n    );\n    return 'productive-mcp-default-secret-change-me';\n  }\n  return secret;\n}\n\n/**\n * Encrypt data using AES-256-GCM\n *\n * Output format: base64(salt + iv + authTag + ciphertext)\n *\n * @param plaintext - Data to encrypt\n * @param secret - Encryption secret (defaults to OAUTH_SECRET env var)\n * @returns Base64-encoded encrypted data\n */\nexport function encrypt(plaintext: string, secret: string = getSecret()): string {\n  const salt = randomBytes(SALT_LENGTH);\n  const key = deriveKey(secret, salt);\n  const iv = randomBytes(IV_LENGTH);\n\n  const cipher = createCipheriv(ALGORITHM, key, iv);\n  const encrypted = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);\n  const authTag = cipher.getAuthTag();\n\n  // Combine: salt + iv + authTag + ciphertext\n  const combined = Buffer.concat([salt, iv, authTag, encrypted]);\n\n  return combined.toString('base64url');\n}\n\n/**\n * Decrypt data encrypted with encrypt()\n *\n * @param ciphertext - Base64-encoded encrypted data\n * @param secret - Encryption secret (defaults to OAUTH_SECRET env var)\n * @returns Decrypted plaintext\n * @throws Error if decryption fails (invalid data or wrong secret)\n */\nexport function decrypt(ciphertext: string, secret: string = getSecret()): string {\n  try {\n    const combined = Buffer.from(ciphertext, 'base64url');\n\n    // Extract components\n    const salt = combined.subarray(0, SALT_LENGTH);\n    const iv = combined.subarray(SALT_LENGTH, SALT_LENGTH + IV_LENGTH);\n    const authTag = combined.subarray(\n      SALT_LENGTH + IV_LENGTH,\n      SALT_LENGTH + IV_LENGTH + AUTH_TAG_LENGTH,\n    );\n    const encrypted = combined.subarray(SALT_LENGTH + IV_LENGTH + AUTH_TAG_LENGTH);\n\n    const key = deriveKey(secret, salt);\n\n    const decipher = createDecipheriv(ALGORITHM, key, iv, { authTagLength: AUTH_TAG_LENGTH });\n    decipher.setAuthTag(authTag);\n\n    const decrypted = Buffer.concat([decipher.update(encrypted), decipher.final()]);\n\n    return decrypted.toString('utf8');\n  } catch {\n    throw new Error('Decryption failed: invalid token or secret');\n  }\n}\n\n/**\n * Authorization code payload structure\n */\nexport interface AuthCodePayload {\n  orgId: string;\n  apiToken: string;\n  userId?: string;\n  codeChallenge?: string;\n  codeChallengeMethod?: string;\n}\n\n/**\n * Create an encrypted authorization code containing credentials and PKCE challenge\n *\n * @param credentials - Object with orgId, apiToken, userId, and optional PKCE params\n * @param expiresInSeconds - Code expiration time (default: 5 minutes)\n * @returns Encrypted authorization code\n */\nexport function createAuthCode(\n  credentials: AuthCodePayload,\n  expiresInSeconds: number = 300,\n): string {\n  const payload = {\n    ...credentials,\n    exp: Date.now() + expiresInSeconds * 1000,\n  };\n  return encrypt(JSON.stringify(payload));\n}\n\n/**\n * Decode and validate an authorization code\n *\n * @param code - Encrypted authorization code\n * @returns Decoded payload with credentials and PKCE challenge\n * @throws Error if code is invalid or expired\n */\nexport function decodeAuthCode(code: string): AuthCodePayload {\n  const payload = JSON.parse(decrypt(code));\n\n  if (payload.exp && Date.now() > payload.exp) {\n    throw new Error('Authorization code expired');\n  }\n\n  const { orgId, apiToken, userId, codeChallenge, codeChallengeMethod } = payload;\n\n  if (!orgId || !apiToken) {\n    throw new Error('Invalid authorization code: missing credentials');\n  }\n\n  return { orgId, apiToken, userId, codeChallenge, codeChallengeMethod };\n}\n"],"names":[],"mappings":";AAUA,MAAM,YAAY;AAClB,MAAM,YAAY;AAClB,MAAM,kBAAkB;AACxB,MAAM,cAAc;AAKpB,SAAS,UAAU,UAAkB,MAAsB;AACzD,SAAO,WAAW,UAAU,MAAM,EAAE;AACtC;AAMO,SAAS,YAAoB;AAClC,QAAM,SAAS,QAAQ,IAAI;AAC3B,MAAI,CAAC,QAAQ;AACX,YAAQ;AAAA,MACN;AAAA,IAAA;AAEF,WAAO;AAAA,EACT;AACA,SAAO;AACT;AAWO,SAAS,QAAQ,WAAmB,SAAiB,aAAqB;AAC/E,QAAM,OAAO,YAAY,WAAW;AACpC,QAAM,MAAM,UAAU,QAAQ,IAAI;AAClC,QAAM,KAAK,YAAY,SAAS;AAEhC,QAAM,SAAS,eAAe,WAAW,KAAK,EAAE;AAChD,QAAM,YAAY,OAAO,OAAO,CAAC,OAAO,OAAO,WAAW,MAAM,GAAG,OAAO,MAAA,CAAO,CAAC;AAClF,QAAM,UAAU,OAAO,WAAA;AAGvB,QAAM,WAAW,OAAO,OAAO,CAAC,MAAM,IAAI,SAAS,SAAS,CAAC;AAE7D,SAAO,SAAS,SAAS,WAAW;AACtC;AAUO,SAAS,QAAQ,YAAoB,SAAiB,aAAqB;AAChF,MAAI;AACF,UAAM,WAAW,OAAO,KAAK,YAAY,WAAW;AAGpD,UAAM,OAAO,SAAS,SAAS,GAAG,WAAW;AAC7C,UAAM,KAAK,SAAS,SAAS,aAAa,cAAc,SAAS;AACjE,UAAM,UAAU,SAAS;AAAA,MACvB,cAAc;AAAA,MACd,cAAc,YAAY;AAAA,IAAA;AAE5B,UAAM,YAAY,SAAS,SAAS,cAAc,YAAY,eAAe;AAE7E,UAAM,MAAM,UAAU,QAAQ,IAAI;AAElC,UAAM,WAAW,iBAAiB,WAAW,KAAK,IAAI,EAAE,eAAe,iBAAiB;AACxF,aAAS,WAAW,OAAO;AAE3B,UAAM,YAAY,OAAO,OAAO,CAAC,SAAS,OAAO,SAAS,GAAG,SAAS,MAAA,CAAO,CAAC;AAE9E,WAAO,UAAU,SAAS,MAAM;AAAA,EAClC,QAAQ;AACN,UAAM,IAAI,MAAM,4CAA4C;AAAA,EAC9D;AACF;AAoBO,SAAS,eACd,aACA,mBAA2B,KACnB;AACR,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH,KAAK,KAAK,IAAA,IAAQ,mBAAmB;AAAA,EAAA;AAEvC,SAAO,QAAQ,KAAK,UAAU,OAAO,CAAC;AACxC;AASO,SAAS,eAAe,MAA+B;AAC5D,QAAM,UAAU,KAAK,MAAM,QAAQ,IAAI,CAAC;AAExC,MAAI,QAAQ,OAAO,KAAK,IAAA,IAAQ,QAAQ,KAAK;AAC3C,UAAM,IAAI,MAAM,4BAA4B;AAAA,EAC9C;AAEA,QAAM,EAAE,OAAO,UAAU,QAAQ,eAAe,wBAAwB;AAExE,MAAI,CAAC,SAAS,CAAC,UAAU;AACvB,UAAM,IAAI,MAAM,iDAAiD;AAAA,EACnE;AAEA,SAAO,EAAE,OAAO,UAAU,QAAQ,eAAe,oBAAA;AACnD;"}

package/dist/formatters.d.ts

@@ -3,39 +3,69 @@
  *
  * This module re-exports formatters from @studiometa/productive-cli
  * with MCP-specific defaults (no relationship IDs, no timestamps).
+ *
+ * Supports compact mode to reduce token usage by omitting verbose fields
+ * like descriptions and notes from list responses.
  */
 import { type JsonApiResource, type JsonApiMeta, type FormatOptions, type FormattedPagination } from '@studiometa/productive-cli';
 export type { JsonApiResource, JsonApiMeta, FormatOptions, FormattedPagination };
+/**
+ * Extended format options for MCP with compact mode
+ */
+export interface McpFormatOptions {
+    compact?: boolean;
+    included?: JsonApiResource[];
+}
 /**
  * Format time entry for agent consumption
  */
-export declare function formatTimeEntry(entry: JsonApiResource, _included?: JsonApiResource[]): Record<string, unknown>;
+export declare function formatTimeEntry(entry: JsonApiResource, options?: McpFormatOptions): Record<string, unknown>;
 /**
  * Format project for agent consumption
  */
-export declare function formatProject(project: JsonApiResource, _included?: JsonApiResource[]): Record<string, unknown>;
+export declare function formatProject(project: JsonApiResource, options?: McpFormatOptions): Record<string, unknown>;
 /**
  * Format task for agent consumption
  * Tasks use included resources to resolve project/company names
  */
-export declare function formatTask(task: JsonApiResource, included?: JsonApiResource[]): Record<string, unknown>;
+export declare function formatTask(task: JsonApiResource, options?: McpFormatOptions): Record<string, unknown>;
 /**
  * Format person for agent consumption
  */
-export declare function formatPerson(person: JsonApiResource, _included?: JsonApiResource[]): Record<string, unknown>;
+export declare function formatPerson(person: JsonApiResource, options?: McpFormatOptions): Record<string, unknown>;
 /**
  * Format service for agent consumption
  */
-export declare function formatService(service: JsonApiResource, _included?: JsonApiResource[]): Record<string, unknown>;
+export declare function formatService(service: JsonApiResource, options?: McpFormatOptions): Record<string, unknown>;
+/**
+ * Format company for agent consumption
+ */
+export declare function formatCompany(company: JsonApiResource, options?: McpFormatOptions): Record<string, unknown>;
+/**
+ * Format comment for agent consumption
+ */
+export declare function formatComment(comment: JsonApiResource, options?: McpFormatOptions): Record<string, unknown>;
+/**
+ * Format timer for agent consumption
+ */
+export declare function formatTimer(timer: JsonApiResource, _options?: McpFormatOptions): Record<string, unknown>;
+/**
+ * Format deal for agent consumption
+ */
+export declare function formatDeal(deal: JsonApiResource, options?: McpFormatOptions): Record<string, unknown>;
+/**
+ * Format booking for agent consumption
+ */
+export declare function formatBooking(booking: JsonApiResource, options?: McpFormatOptions): Record<string, unknown>;
 /**
  * Format list response with pagination
  *
  * @param data - Array of JSON:API resources
- * @param formatter - Formatter function (item, included?) => T
+ * @param formatter - Formatter function (item, options?) => T
  * @param meta - Pagination metadata
- * @param included - Included resources for relationship resolution
+ * @param options - MCP format options (compact, included)
  */
-export declare function formatListResponse<T>(data: JsonApiResource[], formatter: (item: JsonApiResource, included?: JsonApiResource[]) => T, meta?: JsonApiMeta, included?: JsonApiResource[]): {
+export declare function formatListResponse<T>(data: JsonApiResource[], formatter: (item: JsonApiResource, options?: McpFormatOptions) => T, meta?: JsonApiMeta, options?: McpFormatOptions): {
     data: T[];
     meta?: FormattedPagination;
 };

package/dist/formatters.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"formatters.d.ts","sourceRoot":"","sources":["../src/formatters.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAOL,KAAK,eAAe,EACpB,KAAK,WAAW,EAChB,KAAK,aAAa,EAClB,KAAK,mBAAmB,EACzB,MAAM,4BAA4B,CAAC;AAGpC,YAAY,EAAE,eAAe,EAAE,WAAW,EAAE,aAAa,EAAE,mBAAmB,EAAE,CAAC;AAcjF;;GAEG;AACH,wBAAgB,eAAe,CAC7B,KAAK,EAAE,eAAe,EACtB,SAAS,CAAC,EAAE,eAAe,EAAE,GAC5B,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAEzB;AAED;;GAEG;AACH,wBAAgB,aAAa,CAC3B,OAAO,EAAE,eAAe,EACxB,SAAS,CAAC,EAAE,eAAe,EAAE,GAC5B,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAEzB;AAED;;;GAGG;AACH,wBAAgB,UAAU,CACxB,IAAI,EAAE,eAAe,EACrB,QAAQ,CAAC,EAAE,eAAe,EAAE,GAC3B,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAEzB;AAED;;GAEG;AACH,wBAAgB,YAAY,CAC1B,MAAM,EAAE,eAAe,EACvB,SAAS,CAAC,EAAE,eAAe,EAAE,GAC5B,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAEzB;AAED;;GAEG;AACH,wBAAgB,aAAa,CAC3B,OAAO,EAAE,eAAe,EACxB,SAAS,CAAC,EAAE,eAAe,EAAE,GAC5B,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAEzB;AAED;;;;;;;GAOG;AACH,wBAAgB,kBAAkB,CAAC,CAAC,EAClC,IAAI,EAAE,eAAe,EAAE,EACvB,SAAS,EAAE,CAAC,IAAI,EAAE,eAAe,EAAE,QAAQ,CAAC,EAAE,eAAe,EAAE,KAAK,CAAC,EACrE,IAAI,CAAC,EAAE,WAAW,EAClB,QAAQ,CAAC,EAAE,eAAe,EAAE,GAC3B;IAAE,IAAI,EAAE,CAAC,EAAE,CAAC;IAAC,IAAI,CAAC,EAAE,mBAAmB,CAAA;CAAE,CAY3C"}
+{"version":3,"file":"formatters.d.ts","sourceRoot":"","sources":["../src/formatters.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAYL,KAAK,eAAe,EACpB,KAAK,WAAW,EAChB,KAAK,aAAa,EAClB,KAAK,mBAAmB,EACzB,MAAM,4BAA4B,CAAC;AAGpC,YAAY,EAAE,eAAe,EAAE,WAAW,EAAE,aAAa,EAAE,mBAAmB,EAAE,CAAC;AAcjF;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,QAAQ,CAAC,EAAE,eAAe,EAAE,CAAC;CAC9B;AAaD;;GAEG;AACH,wBAAgB,eAAe,CAC7B,KAAK,EAAE,eAAe,EACtB,OAAO,CAAC,EAAE,gBAAgB,GACzB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAMzB;AAED;;GAEG;AACH,wBAAgB,aAAa,CAC3B,OAAO,EAAE,eAAe,EACxB,OAAO,CAAC,EAAE,gBAAgB,GACzB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAMzB;AAED;;;GAGG;AACH,wBAAgB,UAAU,CACxB,IAAI,EAAE,eAAe,EACrB,OAAO,CAAC,EAAE,gBAAgB,GACzB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAazB;AAED;;GAEG;AACH,wBAAgB,YAAY,CAC1B,MAAM,EAAE,eAAe,EACvB,OAAO,CAAC,EAAE,gBAAgB,GACzB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAMzB;AAED;;GAEG;AACH,wBAAgB,aAAa,CAC3B,OAAO,EAAE,eAAe,EACxB,OAAO,CAAC,EAAE,gBAAgB,GACzB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAMzB;AAED;;GAEG;AACH,wBAAgB,aAAa,CAC3B,OAAO,EAAE,eAAe,EACxB,OAAO,CAAC,EAAE,gBAAgB,GACzB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAMzB;AAED;;GAEG;AACH,wBAAgB,aAAa,CAC3B,OAAO,EAAE,eAAe,EACxB,OAAO,CAAC,EAAE,gBAAgB,GACzB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAGzB;AAED;;GAEG;AACH,wBAAgB,WAAW,CACzB,KAAK,EAAE,eAAe,EACtB,QAAQ,CAAC,EAAE,gBAAgB,GAC1B,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAGzB;AAED;;GAEG;AACH,wBAAgB,UAAU,CACxB,IAAI,EAAE,eAAe,EACrB,OAAO,CAAC,EAAE,gBAAgB,GACzB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAMzB;AAED;;GAEG;AACH,wBAAgB,aAAa,CAC3B,OAAO,EAAE,eAAe,EACxB,OAAO,CAAC,EAAE,gBAAgB,GACzB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAMzB;AAED;;;;;;;GAOG;AACH,wBAAgB,kBAAkB,CAAC,CAAC,EAClC,IAAI,EAAE,eAAe,EAAE,EACvB,SAAS,EAAE,CAAC,IAAI,EAAE,eAAe,EAAE,OAAO,CAAC,EAAE,gBAAgB,KAAK,CAAC,EACnE,IAAI,CAAC,EAAE,WAAW,EAClB,OAAO,CAAC,EAAE,gBAAgB,GACzB;IAAE,IAAI,EAAE,CAAC,EAAE,CAAC;IAAC,IAAI,CAAC,EAAE,mBAAmB,CAAA;CAAE,CAY3C"}

package/dist/handlers/bookings.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Bookings resource handler
+ */
+import type { HandlerContext, BookingArgs, ToolResult } from './types.js';
+export declare function handleBookings(action: string, args: BookingArgs, ctx: HandlerContext): Promise<ToolResult>;
+//# sourceMappingURL=bookings.d.ts.map

package/dist/handlers/bookings.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"bookings.d.ts","sourceRoot":"","sources":["../../src/handlers/bookings.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAK1E,wBAAsB,cAAc,CAClC,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,WAAW,EACjB,GAAG,EAAE,cAAc,GAClB,OAAO,CAAC,UAAU,CAAC,CAmDrB"}

package/dist/handlers/comments.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Comments resource handler
+ */
+import type { HandlerContext, CommentArgs, ToolResult } from './types.js';
+export declare function handleComments(action: string, args: CommentArgs, ctx: HandlerContext): Promise<ToolResult>;
+//# sourceMappingURL=comments.d.ts.map

package/dist/handlers/comments.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"comments.d.ts","sourceRoot":"","sources":["../../src/handlers/comments.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAK1E,wBAAsB,cAAc,CAClC,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,WAAW,EACjB,GAAG,EAAE,cAAc,GAClB,OAAO,CAAC,UAAU,CAAC,CA0CrB"}

package/dist/handlers/companies.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Companies resource handler
+ */
+import type { HandlerContext, CompanyArgs, ToolResult } from './types.js';
+export declare function handleCompanies(action: string, args: CompanyArgs, ctx: HandlerContext): Promise<ToolResult>;
+//# sourceMappingURL=companies.d.ts.map

package/dist/handlers/companies.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"companies.d.ts","sourceRoot":"","sources":["../../src/handlers/companies.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAK1E,wBAAsB,eAAe,CACnC,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,WAAW,EACjB,GAAG,EAAE,cAAc,GAClB,OAAO,CAAC,UAAU,CAAC,CA8BrB"}

package/dist/handlers/deals.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Deals resource handler
+ */
+import type { HandlerContext, DealArgs, ToolResult } from './types.js';
+export declare function handleDeals(action: string, args: DealArgs, ctx: HandlerContext): Promise<ToolResult>;
+//# sourceMappingURL=deals.d.ts.map

package/dist/handlers/deals.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"deals.d.ts","sourceRoot":"","sources":["../../src/handlers/deals.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAKvE,wBAAsB,WAAW,CAC/B,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,QAAQ,EACd,GAAG,EAAE,cAAc,GAClB,OAAO,CAAC,UAAU,CAAC,CA0CrB"}

package/dist/handlers/index.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Tool execution handlers for Productive MCP server
+ * These are shared between stdio and HTTP transports
+ *
+ * Single consolidated tool for minimal token overhead:
+ * - productive: resource + action based API
+ */
+import type { ProductiveCredentials } from '../auth.js';
+import type { ToolResult } from './types.js';
+export type { ToolResult } from './types.js';
+/**
+ * Execute a tool with the given credentials and arguments
+ */
+export declare function executeToolWithCredentials(name: string, args: Record<string, unknown>, credentials: ProductiveCredentials): Promise<ToolResult>;
+//# sourceMappingURL=index.d.ts.map

package/dist/handlers/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/handlers/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAExD,OAAO,KAAK,EAAE,UAAU,EAAkB,MAAM,YAAY,CAAC;AAgB7D,YAAY,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AA2C7C;;GAEG;AACH,wBAAsB,0BAA0B,CAC9C,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC7B,WAAW,EAAE,qBAAqB,GACjC,OAAO,CAAC,UAAU,CAAC,CA4ErB"}

package/dist/handlers/people.d.ts

@@ -0,0 +1,7 @@
+/**
+ * People resource handler
+ */
+import type { ProductiveCredentials } from '../auth.js';
+import type { HandlerContext, CommonArgs, ToolResult } from './types.js';
+export declare function handlePeople(action: string, args: CommonArgs, ctx: HandlerContext, credentials: ProductiveCredentials): Promise<ToolResult>;
+//# sourceMappingURL=people.d.ts.map

package/dist/handlers/people.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"people.d.ts","sourceRoot":"","sources":["../../src/handlers/people.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AACxD,OAAO,KAAK,EAAE,cAAc,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAKzE,wBAAsB,YAAY,CAChC,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,UAAU,EAChB,GAAG,EAAE,cAAc,EACnB,WAAW,EAAE,qBAAqB,GACjC,OAAO,CAAC,UAAU,CAAC,CA2BrB"}

package/dist/handlers/projects.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Projects resource handler
+ */
+import type { HandlerContext, CommonArgs, ToolResult } from './types.js';
+export declare function handleProjects(action: string, args: CommonArgs, ctx: HandlerContext): Promise<ToolResult>;
+//# sourceMappingURL=projects.d.ts.map

package/dist/handlers/projects.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"projects.d.ts","sourceRoot":"","sources":["../../src/handlers/projects.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAKzE,wBAAsB,cAAc,CAClC,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,UAAU,EAChB,GAAG,EAAE,cAAc,GAClB,OAAO,CAAC,UAAU,CAAC,CAgBrB"}

package/dist/handlers/services.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Services resource handler
+ */
+import type { HandlerContext, CommonArgs, ToolResult } from './types.js';
+export declare function handleServices(action: string, _args: CommonArgs, ctx: HandlerContext): Promise<ToolResult>;
+//# sourceMappingURL=services.d.ts.map

package/dist/handlers/services.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"services.d.ts","sourceRoot":"","sources":["../../src/handlers/services.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAKzE,wBAAsB,cAAc,CAClC,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,UAAU,EACjB,GAAG,EAAE,cAAc,GAClB,OAAO,CAAC,UAAU,CAAC,CASrB"}

package/dist/handlers/tasks.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Tasks resource handler
+ */
+import type { HandlerContext, TaskArgs, ToolResult } from './types.js';
+export declare function handleTasks(action: string, args: TaskArgs, ctx: HandlerContext): Promise<ToolResult>;
+//# sourceMappingURL=tasks.d.ts.map

package/dist/handlers/tasks.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tasks.d.ts","sourceRoot":"","sources":["../../src/handlers/tasks.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAKvE,wBAAsB,WAAW,CAC/B,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,QAAQ,EACd,GAAG,EAAE,cAAc,GAClB,OAAO,CAAC,UAAU,CAAC,CA8CrB"}

package/dist/handlers/time.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Time entries resource handler
+ */
+import type { HandlerContext, CommonArgs, ToolResult } from './types.js';
+export declare function handleTime(action: string, args: CommonArgs, ctx: HandlerContext): Promise<ToolResult>;
+//# sourceMappingURL=time.d.ts.map