@thotischner/observability-mcp 3.0.0 → 3.0.1

package/dist/policy/redact.js

@@ -31,7 +31,7 @@ const PATTERNS = [
     // - PEM private-key blocks: greedy match across newlines.
     { category: "aws-key", re: /\b(?:AKIA|ASIA|AROA)[0-9A-Z]{16,20}\b/g },
     { category: "slack-token", re: /\bxox[abprsu]-[A-Za-z0-9-]{10,}\b/g },
-    { category: "gh-pat", re: /\b(?:github_pat_[A-Za-z0-9_]{40,}|gh[opsuru]_[A-Za-z0-9]{36})\b/g },
+    { category: "gh-pat", re: /\b(?:github_pat_[A-Za-z0-9_]{40,}|gh[oprsu]_[A-Za-z0-9]{36})\b/g },
     { category: "private-key", re: /-----BEGIN (?:RSA |EC |DSA |OPENSSH |PGP |ENCRYPTED )?PRIVATE KEY-----[\s\S]*?-----END (?:RSA |EC |DSA |OPENSSH |PGP |ENCRYPTED )?PRIVATE KEY-----/g },
     // emails before other patterns so they don't get eaten partially
     { category: "email", re: /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,24}\b/g },

package/dist/postmortem/store.d.ts

@@ -0,0 +1,34 @@
+import type { PostmortemReport } from "./synthesizer.js";
+export interface StoredPostmortem {
+    id: string;
+    /** RFC-3339 timestamp of when the report was generated. */
+    ts: string;
+    /** Subject identity that called generate_postmortem. */
+    createdBy: string;
+    /** Tenant the report belongs to. */
+    tenant: string;
+    /** The shipped report shape — service + window + synopsis +
+     *  markdown + sections. */
+    report: PostmortemReport;
+}
+export declare class PostmortemStore {
+    private readonly path;
+    private entries;
+    private bootstrapped;
+    constructor(path: string);
+    load(): Promise<void>;
+    /** List entries, newest-first. Optionally scoped to a tenant. */
+    list(tenant?: string): StoredPostmortem[];
+    get(id: string, tenant?: string): StoredPostmortem | undefined;
+    /** Append a freshly-generated report. Returns the stored entry
+     *  with its assigned id + ts. */
+    append(input: {
+        report: PostmortemReport;
+        createdBy: string;
+        tenant: string;
+    }): Promise<StoredPostmortem>;
+    /** Delete one entry by id. Atomic rewrite. Returns whether
+     *  anything was removed. */
+    delete(id: string, tenant?: string): Promise<boolean>;
+    private rewrite;
+}

package/dist/postmortem/store.js

@@ -0,0 +1,113 @@
+// PostmortemStore — file-backed JSONL persistence for
+// generate_postmortem output.
+//
+// Design notes:
+//   - One JSON object per line (append-only). Cheap to tail, cheap
+//     to scan, surives crashes mid-write (the partial line is just
+//     ignored on load).
+//   - load() reads the whole file into an in-memory array (in
+//     practice operators don't accumulate thousands; the tool
+//     produces one report per incident).
+//   - delete() rewrites the file atomically (tmp + rename). Same
+//     pattern as the SCIM store from F21.
+//
+// The schema is intentionally narrow — we store what the tool's
+// PostmortemReport already returns plus an id, ts, and createdBy.
+import { readFile, writeFile, mkdir, rename, appendFile } from "node:fs/promises";
+import { dirname } from "node:path";
+import { randomUUID } from "node:crypto";
+export class PostmortemStore {
+    path;
+    entries = [];
+    bootstrapped = null;
+    constructor(path) {
+        this.path = path;
+    }
+    async load() {
+        if (this.bootstrapped)
+            return this.bootstrapped;
+        this.bootstrapped = (async () => {
+            try {
+                const raw = await readFile(this.path, "utf8");
+                const out = [];
+                for (const line of raw.split("\n")) {
+                    const t = line.trim();
+                    if (!t)
+                        continue;
+                    try {
+                        const obj = JSON.parse(t);
+                        if (obj && typeof obj.id === "string")
+                            out.push(obj);
+                    }
+                    catch {
+                        // Partial / corrupt line — skip, don't fail load. The
+                        // operator can purge by re-saving with delete().
+                    }
+                }
+                this.entries = out;
+            }
+            catch (err) {
+                if (err.code === "ENOENT") {
+                    this.entries = [];
+                    return;
+                }
+                console.warn(`[postmortem-store] failed to load ${this.path}: ${err.message} — starting empty`);
+                this.entries = [];
+            }
+        })();
+        return this.bootstrapped;
+    }
+    /** List entries, newest-first. Optionally scoped to a tenant. */
+    list(tenant) {
+        const src = tenant ? this.entries.filter((e) => e.tenant === tenant) : this.entries;
+        return src.slice().sort((a, b) => b.ts.localeCompare(a.ts));
+    }
+    get(id, tenant) {
+        const e = this.entries.find((x) => x.id === id);
+        if (!e)
+            return undefined;
+        if (tenant && e.tenant !== tenant)
+            return undefined;
+        return e;
+    }
+    /** Append a freshly-generated report. Returns the stored entry
+     *  with its assigned id + ts. */
+    async append(input) {
+        const entry = {
+            id: randomUUID(),
+            ts: new Date().toISOString(),
+            createdBy: input.createdBy,
+            tenant: input.tenant,
+            report: input.report,
+        };
+        this.entries.push(entry);
+        await mkdir(dirname(this.path), { recursive: true }).catch(() => undefined);
+        // Append-only — atomic enough for a JSONL (one write = one
+        // syscall; partial writes are skipped on load).
+        await appendFile(this.path, JSON.stringify(entry) + "\n", { mode: 0o600 });
+        return entry;
+    }
+    /** Delete one entry by id. Atomic rewrite. Returns whether
+     *  anything was removed. */
+    async delete(id, tenant) {
+        const before = this.entries.length;
+        this.entries = this.entries.filter((e) => {
+            if (e.id !== id)
+                return true;
+            if (tenant && e.tenant !== tenant)
+                return true;
+            return false;
+        });
+        if (this.entries.length === before)
+            return false;
+        await this.rewrite();
+        return true;
+    }
+    async rewrite() {
+        await mkdir(dirname(this.path), { recursive: true }).catch(() => undefined);
+        const body = this.entries.map((e) => JSON.stringify(e)).join("\n") + (this.entries.length ? "\n" : "");
+        const tmp = `${this.path}.tmp`;
+        await writeFile(tmp, body, { mode: 0o600 });
+        await rename(tmp, this.path);
+    }
+}

package/dist/postmortem/store.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/postmortem/store.test.js

@@ -0,0 +1,118 @@
+import { test } from "node:test";
+import assert from "node:assert/strict";
+import { mkdtempSync, statSync, existsSync, readFileSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { PostmortemStore } from "./store.js";
+function tmpStore() {
+    return join(mkdtempSync(join(tmpdir(), "pmstore-")), "postmortems.jsonl");
+}
+function fakeReport(service = "payment") {
+    return {
+        service,
+        window: "1h",
+        fromIso: "2026-06-06T00:00:00.000Z",
+        toIso: "2026-06-06T01:00:00.000Z",
+        synopsis: "test",
+        markdown: "# Test",
+        sections: {
+            timeline: [],
+            blastRadius: { nodes: [], edgeCount: 0 },
+            topTraces: [],
+            contributingSignals: [],
+            followUps: [],
+            logHighlights: [],
+        },
+    };
+}
+test("PostmortemStore: load() on missing file → empty list", async () => {
+    const s = new PostmortemStore(tmpStore());
+    await s.load();
+    assert.deepEqual(s.list(), []);
+});
+test("PostmortemStore: append issues UUID + ISO ts, persists JSONL", async () => {
+    const path = tmpStore();
+    const s = new PostmortemStore(path);
+    await s.load();
+    const stored = await s.append({ report: fakeReport(), createdBy: "alice", tenant: "default" });
+    assert.match(stored.id, /^[0-9a-f-]{36}$/);
+    assert.match(stored.ts, /^\d{4}-\d{2}-\d{2}T/);
+    assert.equal(stored.report.service, "payment");
+    // disk format is one JSON per line
+    const raw = readFileSync(path, "utf8");
+    assert.equal(raw.split("\n").filter((l) => l).length, 1);
+    assert.equal(statSync(path).mode & 0o777, 0o600);
+});
+test("PostmortemStore: list() returns newest-first", async () => {
+    const s = new PostmortemStore(tmpStore());
+    await s.load();
+    await s.append({ report: fakeReport("a"), createdBy: "u", tenant: "t" });
+    await new Promise((r) => setTimeout(r, 5));
+    await s.append({ report: fakeReport("b"), createdBy: "u", tenant: "t" });
+    const out = s.list();
+    assert.equal(out[0].report.service, "b");
+    assert.equal(out[1].report.service, "a");
+});
+test("PostmortemStore: list(tenant) scopes correctly", async () => {
+    const s = new PostmortemStore(tmpStore());
+    await s.load();
+    await s.append({ report: fakeReport("a"), createdBy: "u", tenant: "alpha" });
+    await s.append({ report: fakeReport("b"), createdBy: "u", tenant: "beta" });
+    assert.equal(s.list("alpha").length, 1);
+    assert.equal(s.list("alpha")[0].report.service, "a");
+});
+test("PostmortemStore: get() by id, tenant-scoped", async () => {
+    const s = new PostmortemStore(tmpStore());
+    await s.load();
+    const e = await s.append({ report: fakeReport(), createdBy: "u", tenant: "alpha" });
+    assert.equal(s.get(e.id)?.id, e.id);
+    assert.equal(s.get(e.id, "alpha")?.id, e.id);
+    // wrong tenant → undefined
+    assert.equal(s.get(e.id, "beta"), undefined);
+    assert.equal(s.get("nope"), undefined);
+});
+test("PostmortemStore: delete() rewrites file + scoped by tenant", async () => {
+    const path = tmpStore();
+    const s = new PostmortemStore(path);
+    await s.load();
+    const e1 = await s.append({ report: fakeReport("a"), createdBy: "u", tenant: "alpha" });
+    await s.append({ report: fakeReport("b"), createdBy: "u", tenant: "beta" });
+    // wrong tenant → no-op
+    assert.equal(await s.delete(e1.id, "beta"), false);
+    assert.equal(s.list().length, 2);
+    // correct tenant → removed
+    assert.equal(await s.delete(e1.id, "alpha"), true);
+    assert.equal(s.list().length, 1);
+    // disk reflects the rewrite
+    const raw = readFileSync(path, "utf8");
+    assert.equal(raw.split("\n").filter((l) => l).length, 1);
+});
+test("PostmortemStore: delete() missing id → false", async () => {
+    const s = new PostmortemStore(tmpStore());
+    await s.load();
+    assert.equal(await s.delete("nope"), false);
+});
+test("PostmortemStore: round-trip through disk (load after append sees entries)", async () => {
+    const path = tmpStore();
+    const a = new PostmortemStore(path);
+    await a.load();
+    await a.append({ report: fakeReport("a"), createdBy: "u", tenant: "default" });
+    await a.append({ report: fakeReport("b"), createdBy: "u", tenant: "default" });
+    const b = new PostmortemStore(path);
+    await b.load();
+    assert.equal(b.list().length, 2);
+});
+test("PostmortemStore: load skips corrupt lines", async () => {
+    const path = tmpStore();
+    // Hand-write a file with one good + one garbage line
+    const a = new PostmortemStore(path);
+    await a.load();
+    await a.append({ report: fakeReport(), createdBy: "u", tenant: "default" });
+    const fs = await import("node:fs/promises");
+    await fs.appendFile(path, "{not valid json\n");
+    const b = new PostmortemStore(path);
+    await b.load();
+    // Good entry survived; corrupt line ignored.
+    assert.equal(b.list().length, 1);
+    assert.ok(existsSync(path));
+});

package/dist/scim/compliance.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/scim/compliance.test.js

@@ -0,0 +1,169 @@
+// SCIM 2.0 (RFC 7643 / 7644) compliance harness.
+//
+// Run against a running gateway with SCIM enabled by setting:
+//   OMCP_SCIM_COMPLIANCE_URL  — the SCIM base, e.g.
+//                               http://localhost:3000/scim/v2
+//   OMCP_SCIM_COMPLIANCE_TOKEN — the bearer matching OMCP_SCIM_TOKEN
+//
+// When the URL is unset every test skips — so the file lives happily
+// in a plain `find src -name "*.test.ts"` unit run without needing a
+// server. The `make scim-compliance` target boots the demo with SCIM
+// configured, waits for /healthz, then runs this file.
+//
+//   OMCP_SCIM_COMPLIANCE_URL=http://localhost:3000/scim/v2 \
+//   OMCP_SCIM_COMPLIANCE_TOKEN=secret \
+//   npx tsx --test src/scim/compliance.test.ts
+//
+// The suite is self-contained: it creates resources, exercises them,
+// and deletes them, leaving the store as it found it.
+import { test } from "node:test";
+import assert from "node:assert/strict";
+const BASE = process.env.OMCP_SCIM_COMPLIANCE_URL?.replace(/\/+$/, "");
+const TOKEN = process.env.OMCP_SCIM_COMPLIANCE_TOKEN || "";
+const skip = !BASE;
+const opts = skip ? { skip: "OMCP_SCIM_COMPLIANCE_URL not set" } : {};
+const SCHEMA_USER = "urn:ietf:params:scim:schemas:core:2.0:User";
+const SCHEMA_GROUP = "urn:ietf:params:scim:schemas:core:2.0:Group";
+const SCHEMA_PATCH = "urn:ietf:params:scim:api:messages:2.0:PatchOp";
+const SCHEMA_LIST = "urn:ietf:params:scim:api:messages:2.0:ListResponse";
+const SCHEMA_ERROR = "urn:ietf:params:scim:api:messages:2.0:Error";
+async function scim(method, path, body, withAuth = true) {
+    if (!BASE)
+        throw new Error("OMCP_SCIM_COMPLIANCE_URL not set");
+    const headers = { "content-type": "application/scim+json" };
+    if (withAuth)
+        headers["authorization"] = `Bearer ${TOKEN}`;
+    const res = await fetch(`${BASE}${path}`, {
+        method,
+        headers,
+        body: body === undefined ? undefined : JSON.stringify(body),
+    });
+    const h = {};
+    res.headers.forEach((v, k) => { h[k] = v; });
+    const text = await res.text();
+    let json = {};
+    if (text.trim().startsWith("{"))
+        json = JSON.parse(text);
+    return { status: res.status, json, headers: h };
+}
+// Resources created during the run, deleted in the final test.
+const created = { users: [], groups: [] };
+function uniq(p) { return `${p}-${Math.floor(performance.now() * 1000)}-${created.users.length + created.groups.length}`; }
+// --- Discovery (RFC 7643 §5) -----------------------------------------
+test("ServiceProviderConfig advertises the spec schema + patch support", opts, async () => {
+    const r = await scim("GET", "/ServiceProviderConfig");
+    assert.equal(r.status, 200);
+    assert.ok(r.json.schemas.includes("urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig"));
+    assert.ok(r.json.patch, "patch capability block present");
+});
+test("ResourceTypes lists User + Group endpoints", opts, async () => {
+    const r = await scim("GET", "/ResourceTypes");
+    assert.equal(r.status, 200);
+    const txt = JSON.stringify(r.json);
+    assert.ok(txt.includes("/Users") && txt.includes("/Groups"));
+});
+test("Schemas endpoint returns the core schema definitions", opts, async () => {
+    const r = await scim("GET", "/Schemas");
+    assert.equal(r.status, 200);
+    const txt = JSON.stringify(r.json);
+    assert.ok(txt.includes(SCHEMA_USER) && txt.includes(SCHEMA_GROUP));
+});
+// --- Auth (RFC 7644 §2) ----------------------------------------------
+test("requests without a bearer token are rejected 401", opts, async () => {
+    const r = await scim("GET", "/Users", undefined, false);
+    assert.equal(r.status, 401);
+    assert.ok(r.json.schemas?.includes(SCHEMA_ERROR));
+});
+// --- User lifecycle (RFC 7644 §3.3–3.6) ------------------------------
+let userId = "";
+const userName = uniq("compliance-user") + "@example.com";
+test("POST /Users creates a user → 201 with id + meta", opts, async () => {
+    const r = await scim("POST", "/Users", {
+        schemas: [SCHEMA_USER],
+        userName,
+        name: { givenName: "Comp", familyName: "Liance" },
+        emails: [{ value: userName, primary: true }],
+        active: true,
+    });
+    assert.equal(r.status, 201);
+    assert.equal(typeof r.json.id, "string");
+    assert.equal(r.json.userName, userName);
+    const meta = r.json.meta;
+    assert.equal(meta.resourceType, "User");
+    assert.ok(meta.created && meta.lastModified);
+    userId = r.json.id;
+    created.users.push(userId);
+});
+test("duplicate userName is rejected 409 uniqueness", opts, async () => {
+    const r = await scim("POST", "/Users", { schemas: [SCHEMA_USER], userName });
+    assert.equal(r.status, 409);
+    assert.equal(r.json.scimType, "uniqueness");
+});
+test("GET /Users/:id returns the created user", opts, async () => {
+    const r = await scim("GET", `/Users/${userId}`);
+    assert.equal(r.status, 200);
+    assert.equal(r.json.id, userId);
+    assert.equal(r.json.userName, userName);
+});
+test("GET /Users returns a ListResponse envelope", opts, async () => {
+    const r = await scim("GET", "/Users");
+    assert.equal(r.status, 200);
+    assert.ok(r.json.schemas.includes(SCHEMA_LIST));
+    assert.equal(typeof r.json.totalResults, "number");
+    assert.ok(Array.isArray(r.json.Resources));
+});
+test("PATCH /Users/:id replace toggles active", opts, async () => {
+    const r = await scim("PATCH", `/Users/${userId}`, {
+        schemas: [SCHEMA_PATCH],
+        Operations: [{ op: "replace", path: "active", value: false }],
+    });
+    assert.equal(r.status, 200);
+    assert.equal(r.json.active, false);
+});
+test("unknown user id → 404 with SCIM error schema", opts, async () => {
+    const r = await scim("GET", "/Users/does-not-exist");
+    assert.equal(r.status, 404);
+    assert.ok(r.json.schemas.includes(SCHEMA_ERROR));
+});
+// --- Group lifecycle + membership PATCH (Q14) ------------------------
+let groupId = "";
+test("POST /Groups creates a group", opts, async () => {
+    const r = await scim("POST", "/Groups", { schemas: [SCHEMA_GROUP], displayName: uniq("compliance-grp") });
+    assert.equal(r.status, 201);
+    groupId = r.json.id;
+    created.groups.push(groupId);
+    assert.equal(r.json.meta.resourceType, "Group");
+});
+test("PATCH /Groups/:id add member → membership reflected", opts, async () => {
+    const r = await scim("PATCH", `/Groups/${groupId}`, {
+        schemas: [SCHEMA_PATCH],
+        Operations: [{ op: "add", path: "members", value: [{ value: userId, display: userName }] }],
+    });
+    assert.equal(r.status, 200);
+    const members = r.json.members || [];
+    assert.ok(members.some((m) => m.value === userId), "added member present");
+});
+test("PATCH /Groups/:id remove member by filter → membership cleared", opts, async () => {
+    const r = await scim("PATCH", `/Groups/${groupId}`, {
+        schemas: [SCHEMA_PATCH],
+        Operations: [{ op: "remove", path: `members[value eq "${userId}"]` }],
+    });
+    assert.equal(r.status, 200);
+    const members = r.json.members || [];
+    assert.ok(!members.some((m) => m.value === userId), "removed member gone");
+});
+// --- Cleanup (DELETE → 204, then 404) --------------------------------
+test("DELETE created resources → 204 and subsequent GET → 404", opts, async () => {
+    for (const id of created.groups) {
+        const del = await scim("DELETE", `/Groups/${id}`);
+        assert.ok(del.status === 204 || del.status === 200, `group delete status ${del.status}`);
+        const get = await scim("GET", `/Groups/${id}`);
+        assert.equal(get.status, 404);
+    }
+    for (const id of created.users) {
+        const del = await scim("DELETE", `/Users/${id}`);
+        assert.ok(del.status === 204 || del.status === 200, `user delete status ${del.status}`);
+        const get = await scim("GET", `/Users/${id}`);
+        assert.equal(get.status, 404);
+    }
+});

package/dist/scim/factory.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/scim/factory.test.js

@@ -0,0 +1,54 @@
+import { test } from "node:test";
+import assert from "node:assert/strict";
+import { mkdtempSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { createScimStore, ScimStore } from "./store.js";
+import { RedisScimStore } from "./redis-store.js";
+function tmpStorePath() {
+    return join(mkdtempSync(join(tmpdir(), "omcp-scim-factory-")), "scim.json");
+}
+test("createScimStore default = file backend", async () => {
+    const path = tmpStorePath();
+    delete process.env.OMCP_SCIM_BACKEND;
+    const store = await createScimStore({ path });
+    assert.ok(store instanceof ScimStore);
+    // The store is usable
+    const u = await store.createUser({ userName: "a@x" });
+    assert.equal(u.userName, "a@x");
+});
+test("createScimStore explicit backend=file", async () => {
+    const store = await createScimStore({ backend: "file", path: tmpStorePath() });
+    assert.ok(store instanceof ScimStore);
+});
+test("createScimStore backend=redis requires a client", async () => {
+    await assert.rejects(createScimStore({ backend: "redis" }), /backend=redis requires a redis client/);
+});
+test("createScimStore backend=redis returns RedisScimStore", async () => {
+    const fake = {
+        _s: new Map(),
+        async get(k) { return this._s.has(k) ? this._s.get(k) : null; },
+        async set(k, v) { this._s.set(k, v); return "OK"; },
+    };
+    const store = await createScimStore({ backend: "redis", redis: fake });
+    assert.ok(store instanceof RedisScimStore);
+    const u = await store.createUser({ userName: "u@x" });
+    assert.equal(u.userName, "u@x");
+    // Persisted to the fake redis
+    assert.ok(fake._s.has("omcp:scim:snapshot"));
+});
+test("createScimStore reads OMCP_SCIM_BACKEND env when no explicit backend", async () => {
+    process.env.OMCP_SCIM_BACKEND = "redis";
+    try {
+        const fake = {
+            _s: new Map(),
+            async get(k) { return this._s.get(k) ?? null; },
+            async set(k, v) { this._s.set(k, v); return "OK"; },
+        };
+        const store = await createScimStore({ redis: fake });
+        assert.ok(store instanceof RedisScimStore);
+    }
+    finally {
+        delete process.env.OMCP_SCIM_BACKEND;
+    }
+});

package/dist/scim/patch-ops.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/scim/patch-ops.test.js

@@ -0,0 +1,100 @@
+import { test } from "node:test";
+import assert from "node:assert/strict";
+import { applyPatchOps } from "./routes.js";
+function group(members = []) {
+    return {
+        schemas: ["urn:ietf:params:scim:schemas:core:2.0:Group"],
+        id: "g1",
+        displayName: "team",
+        members,
+        meta: { resourceType: "Group", created: "2026-06-06T00:00:00Z", lastModified: "2026-06-06T00:00:00Z" },
+    };
+}
+function patch(...ops) {
+    return { schemas: ["urn:ietf:params:scim:api:messages:2.0:PatchOp"], Operations: ops };
+}
+// --- replace (existing behaviour preserved) --------------------------
+test("replace with no path merges allow-listed keys", () => {
+    const out = applyPatchOps(group(), patch({ op: "replace", value: { displayName: "renamed", externalId: "x" } }));
+    assert.equal(out.displayName, "renamed");
+    assert.equal(out.externalId, "x");
+});
+test("replace with path sets that attribute", () => {
+    const out = applyPatchOps(group(), patch({ op: "replace", path: "displayName", value: "n2" }));
+    assert.equal(out.displayName, "n2");
+});
+test("replace drops non-allowlisted keys (proto-pollution guard)", () => {
+    const out = applyPatchOps(group(), patch({ op: "replace", value: { __proto__: { polluted: true }, constructor: 1, displayName: "ok" } }));
+    assert.equal(out.displayName, "ok");
+    assert.equal({}.polluted, undefined);
+    assert.equal(Object.prototype.hasOwnProperty.call(out, "__proto__"), false);
+    assert.equal(Object.prototype.hasOwnProperty.call(out, "constructor"), false);
+});
+// --- add members -----------------------------------------------------
+test("add appends a member to an empty group", () => {
+    const out = applyPatchOps(group(), patch({ op: "add", path: "members", value: [{ value: "u1", display: "Alice" }] }));
+    assert.deepEqual(out.members, [{ value: "u1", display: "Alice" }]);
+});
+test("add appends to existing members and dedups by value", () => {
+    const out = applyPatchOps(group([{ value: "u1" }]), patch({ op: "add", path: "members", value: [{ value: "u1" }, { value: "u2" }] }));
+    assert.deepEqual(out.members.map((m) => m.value), ["u1", "u2"]);
+});
+test("add accepts a single (non-array) value", () => {
+    const out = applyPatchOps(group([{ value: "u1" }]), patch({ op: "add", path: "members", value: { value: "u2" } }));
+    assert.deepEqual(out.members.map((m) => m.value), ["u1", "u2"]);
+});
+test("pathless add appends array attrs + sets scalars", () => {
+    const out = applyPatchOps(group([{ value: "u1" }]), patch({ op: "add", value: { members: [{ value: "u2" }], displayName: "renamed" } }));
+    assert.deepEqual(out.members.map((m) => m.value), ["u1", "u2"]);
+    assert.equal(out.displayName, "renamed");
+});
+// --- remove members --------------------------------------------------
+test("remove with a filter drops the matching member", () => {
+    const out = applyPatchOps(group([{ value: "u1" }, { value: "u2" }, { value: "u3" }]), patch({ op: "remove", path: 'members[value eq "u2"]' }));
+    assert.deepEqual(out.members.map((m) => m.value), ["u1", "u3"]);
+});
+test("remove with a non-matching filter is a no-op on contents", () => {
+    const out = applyPatchOps(group([{ value: "u1" }]), patch({ op: "remove", path: 'members[value eq "ghost"]' }));
+    assert.deepEqual(out.members.map((m) => m.value), ["u1"]);
+});
+test("remove of the whole members attr clears it", () => {
+    const out = applyPatchOps(group([{ value: "u1" }, { value: "u2" }]), patch({ op: "remove", path: "members" }));
+    assert.deepEqual(out.members, []);
+});
+// --- chained ops in one request (Entra-style) ------------------------
+test("add then remove in one request compose against the working value", () => {
+    const out = applyPatchOps(group([{ value: "u1" }]), patch({ op: "add", path: "members", value: [{ value: "u2" }, { value: "u3" }] }, { op: "remove", path: 'members[value eq "u1"]' }));
+    assert.deepEqual(out.members.map((m) => m.value), ["u2", "u3"]);
+});
+// --- security: filtered paths can't pollute --------------------------
+test("crafted __proto__ filter path is rejected (fail-closed no-op), no pollution", () => {
+    const out = applyPatchOps(group([{ value: "u1" }]), patch({ op: "remove", path: 'members[__proto__ eq "x"]' }));
+    // The sub-attribute regex requires a leading letter, so this path
+    // doesn't parse as a filter and isn't a bare allow-listed attr —
+    // the op is skipped entirely. No members key is emitted (no change)
+    // and nothing is polluted.
+    assert.equal(Object.prototype.hasOwnProperty.call(out, "members"), false);
+    assert.equal({}.x, undefined);
+});
+test("add to a non-allowlisted path is ignored", () => {
+    const out = applyPatchOps(group(), patch({ op: "add", path: "__proto__", value: { polluted: true } }));
+    assert.equal(Object.keys(out).length, 0);
+    assert.equal({}.polluted, undefined);
+});
+// --- emails array (same machinery) -----------------------------------
+test("add + remove works on emails too", () => {
+    const user = {
+        schemas: ["urn:ietf:params:scim:schemas:core:2.0:User"],
+        id: "u1",
+        userName: "a@x",
+        emails: [{ value: "a@x", primary: true }],
+        meta: { resourceType: "User", created: "2026-06-06T00:00:00Z", lastModified: "2026-06-06T00:00:00Z" },
+    };
+    const added = applyPatchOps(user, patch({ op: "add", path: "emails", value: [{ value: "a2@x" }] }));
+    assert.deepEqual(added.emails.map((e) => e.value), ["a@x", "a2@x"]);
+    const removed = applyPatchOps(user, patch({ op: "remove", path: 'emails[value eq "a@x"]' }));
+    assert.deepEqual(removed.emails.map((e) => e.value), []);
+});
+test("missing target resource throws", () => {
+    assert.throws(() => applyPatchOps(undefined, patch({ op: "add", path: "members", value: [] })), /not found/);
+});

package/dist/scim/redis-store.d.ts

@@ -0,0 +1,38 @@
+import { type ScimGroup, type ScimUser } from "./types.js";
+import { type IScimStore } from "./store.js";
+/**
+ * Minimal Redis surface we depend on. Matches both `ioredis` and the
+ * built-in promisified node-redis client — easier to swap clients
+ * and trivial to fake in unit tests.
+ */
+export interface RedisLike {
+    get(key: string): Promise<string | null>;
+    set(key: string, value: string): Promise<unknown>;
+}
+export declare class RedisScimStore implements IScimStore {
+    private readonly redis;
+    private readonly key;
+    private snapshot;
+    private bootstrapped;
+    private writeQueue;
+    constructor(redis: RedisLike, opts?: {
+        key?: string;
+    });
+    load(): Promise<void>;
+    listUsers(): ScimUser[];
+    getUser(id: string): ScimUser | undefined;
+    getUserByUserName(userName: string): ScimUser | undefined;
+    createUser(input: Partial<ScimUser>): Promise<ScimUser>;
+    updateUser(id: string, patch: Partial<ScimUser>): Promise<ScimUser>;
+    deleteUser(id: string): Promise<boolean>;
+    listGroups(): ScimGroup[];
+    getGroup(id: string): ScimGroup | undefined;
+    createGroup(input: Partial<ScimGroup>): Promise<ScimGroup>;
+    updateGroup(id: string, patch: Partial<ScimGroup>): Promise<ScimGroup>;
+    deleteGroup(id: string): Promise<boolean>;
+    groupsContaining(userId: string): Array<{
+        value: string;
+        display?: string;
+    }>;
+    private persist;
+}