@trusty-squire/mcp 0.6.14-rc.34 → 0.6.14-rc.35
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -4,7 +4,7 @@ export type OAuthProviderId = "google" | "github";
|
|
|
4
4
|
export type OAuthAuthState = "consent" | "needs_login" | "challenge" | "not_provider";
|
|
5
5
|
export declare function classifyGitHubAuthState(url: string, bodyText: string): OAuthAuthState;
|
|
6
6
|
export declare function isGitHubDismissible2faSetup(bodyText: string): boolean;
|
|
7
|
-
export declare const GITHUB_DISMISSIBLE_2FA_SKIP_TEXT = "skip 2FA verification
|
|
7
|
+
export declare const GITHUB_DISMISSIBLE_2FA_SKIP_TEXT = "skip 2FA verification";
|
|
8
8
|
export declare function githubScopesAreBasic(scopes: readonly string[]): boolean;
|
|
9
9
|
export interface OAuthProvider {
|
|
10
10
|
id: OAuthProviderId;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-providers.d.ts","sourceRoot":"","sources":["../../src/bot/oauth-providers.ts"],"names":[],"mappings":"AAgBA,OAAO,EAGL,kBAAkB,EACnB,MAAM,mBAAmB,CAAC;AAK3B,OAAO,EAAE,kBAAkB,EAAE,CAAC;AAE9B,MAAM,MAAM,eAAe,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAKlD,MAAM,MAAM,cAAc,GACtB,SAAS,GACT,aAAa,GACb,WAAW,GACX,cAAc,CAAC;AAQnB,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,cAAc,CA0CrF;
|
|
1
|
+
{"version":3,"file":"oauth-providers.d.ts","sourceRoot":"","sources":["../../src/bot/oauth-providers.ts"],"names":[],"mappings":"AAgBA,OAAO,EAGL,kBAAkB,EACnB,MAAM,mBAAmB,CAAC;AAK3B,OAAO,EAAE,kBAAkB,EAAE,CAAC;AAE9B,MAAM,MAAM,eAAe,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAKlD,MAAM,MAAM,cAAc,GACtB,SAAS,GACT,aAAa,GACb,WAAW,GACX,cAAc,CAAC;AAQnB,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,cAAc,CA0CrF;AA0BD,wBAAgB,2BAA2B,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAQrE;AAMD,eAAO,MAAM,gCAAgC,0BAA0B,CAAC;AAaxE,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,SAAS,MAAM,EAAE,GAAG,OAAO,CAEvE;AAGD,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,eAAe,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IAEd,aAAa,EAAE,MAAM,CAAC;IACtB,iBAAiB,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,cAAc,CAAC;IACjE,cAAc,CAAC,MAAM,EAAE,SAAS,MAAM,EAAE,GAAG,OAAO,CAAC;CACpD;AAED,eAAO,MAAM,eAAe,EAAE,MAAM,CAAC,eAAe,EAAE,aAAa,CAkBlE,CAAC;AAGF,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,KAAK,IAAI,eAAe,CAEzE"}
|
|
@@ -73,19 +73,30 @@ export function classifyGitHubAuthState(url, bodyText) {
|
|
|
73
73
|
// agent's OAuth flow uses this helper to distinguish the two and
|
|
74
74
|
// auto-skip when possible.
|
|
75
75
|
//
|
|
76
|
-
// Detection
|
|
77
|
-
//
|
|
78
|
-
//
|
|
79
|
-
//
|
|
80
|
-
//
|
|
76
|
+
// Detection: normalized substring match on the surrounding sentence.
|
|
77
|
+
// GitHub renders this with a quirky structure — the dismiss link is
|
|
78
|
+
// a <button> containing only "skip 2FA verification", and "at this
|
|
79
|
+
// moment, we'll remind you again tomorrow" sits as a sibling text
|
|
80
|
+
// node outside the button. textContent preserves the whitespace
|
|
81
|
+
// between them, so the raw body has the phrases separated by line
|
|
82
|
+
// breaks; we collapse whitespace before the substring check so the
|
|
83
|
+
// natural English phrase matches.
|
|
84
|
+
//
|
|
85
|
+
// Errs toward false-negative (bot aborts as before, operator clicks
|
|
86
|
+
// manually) over false-positive (bot clicks the wrong thing on a
|
|
87
|
+
// real 2FA challenge).
|
|
81
88
|
export function isGitHubDismissible2faSetup(bodyText) {
|
|
82
|
-
const text = bodyText.toLowerCase();
|
|
89
|
+
const text = bodyText.toLowerCase().replace(/\s+/g, " ");
|
|
83
90
|
return (text.includes("skip 2fa verification at this moment") ||
|
|
84
91
|
// Defensive: GitHub historically used "skip 2FA verification for
|
|
85
92
|
// now" too. Match both phrasings.
|
|
86
93
|
text.includes("skip 2fa verification for now"));
|
|
87
94
|
}
|
|
88
|
-
|
|
95
|
+
// Literal text inside the dismiss <button> on GitHub's 2FA sanity
|
|
96
|
+
// page. SHORTER than the full sentence — the surrounding "at this
|
|
97
|
+
// moment..." text lives outside the button in a sibling text node,
|
|
98
|
+
// so Playwright's text-locator needs the button's own label only.
|
|
99
|
+
export const GITHUB_DISMISSIBLE_2FA_SKIP_TEXT = "skip 2FA verification";
|
|
89
100
|
// --- GitHub consent scope gate ---------------------------------------
|
|
90
101
|
// GitHub's scope vocabulary is its own. Basic identity is `read:user`
|
|
91
102
|
// and `user:email` (D7). Anything broader — repo, admin:*, write:*,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-providers.js","sourceRoot":"","sources":["../../src/bot/oauth-providers.ts"],"names":[],"mappings":"AAAA,gEAAgE;AAChE,2BAA2B;AAC3B,EAAE;AACF,qEAAqE;AACrE,oEAAoE;AACpE,oEAAoE;AACpE,oEAAoE;AACpE,kEAAkE;AAClE,iEAAiE;AACjE,gCAAgC;AAChC,EAAE;AACF,wEAAwE;AACxE,uEAAuE;AACvE,kEAAkE;AAClE,aAAa;AAEb,OAAO,EACL,uBAAuB,EACvB,cAAc,IAAI,oBAAoB,EACtC,kBAAkB,GACnB,MAAM,mBAAmB,CAAC;AAE3B,mEAAmE;AACnE,oEAAoE;AACpE,kEAAkE;AAClE,OAAO,EAAE,kBAAkB,EAAE,CAAC;AAa9B,wEAAwE;AACxE,oEAAoE;AACpE,kEAAkE;AAClE,kEAAkE;AAClE,uEAAuE;AACvE,iEAAiE;AACjE,MAAM,UAAU,uBAAuB,CAAC,GAAW,EAAE,QAAgB;IACnE,IAAI,MAAW,CAAC;IAChB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,cAAc,CAAC;IACxB,CAAC;IACD,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;QACjD,OAAO,cAAc,CAAC;IACxB,CAAC;IACD,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;IAC3C,MAAM,IAAI,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IAEpC,oEAAoE;IACpE,kEAAkE;IAClE,aAAa;IACb,IACE,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC;QACrC,IAAI,CAAC,QAAQ,CAAC,2BAA2B,CAAC;QAC1C,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC;QAC5B,IAAI,CAAC,QAAQ,CAAC,2BAA2B,CAAC;QAC1C,IAAI,CAAC,QAAQ,CAAC,oBAAoB,CAAC;QACnC,IAAI,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EACpC,CAAC;QACD,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,iEAAiE;IACjE,sDAAsD;IACtD,IACE,IAAI,CAAC,QAAQ,CAAC,wBAAwB,CAAC;QACvC,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC;QACrC,IAAI,CAAC,QAAQ,CAAC,uBAAuB,CAAC,EACtC,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,mEAAmE;IACnE,6DAA6D;IAC7D,gEAAgE;IAChE,oCAAoC;IACpC,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,mEAAmE;AACnE,oEAAoE;AACpE,iEAAiE;AACjE,kEAAkE;AAClE,gEAAgE;AAChE,gEAAgE;AAChE,kEAAkE;AAClE,kEAAkE;AAClE,iEAAiE;AACjE,iEAAiE;AACjE,2BAA2B;AAC3B,EAAE;AACF,qEAAqE;AACrE,
|
|
1
|
+
{"version":3,"file":"oauth-providers.js","sourceRoot":"","sources":["../../src/bot/oauth-providers.ts"],"names":[],"mappings":"AAAA,gEAAgE;AAChE,2BAA2B;AAC3B,EAAE;AACF,qEAAqE;AACrE,oEAAoE;AACpE,oEAAoE;AACpE,oEAAoE;AACpE,kEAAkE;AAClE,iEAAiE;AACjE,gCAAgC;AAChC,EAAE;AACF,wEAAwE;AACxE,uEAAuE;AACvE,kEAAkE;AAClE,aAAa;AAEb,OAAO,EACL,uBAAuB,EACvB,cAAc,IAAI,oBAAoB,EACtC,kBAAkB,GACnB,MAAM,mBAAmB,CAAC;AAE3B,mEAAmE;AACnE,oEAAoE;AACpE,kEAAkE;AAClE,OAAO,EAAE,kBAAkB,EAAE,CAAC;AAa9B,wEAAwE;AACxE,oEAAoE;AACpE,kEAAkE;AAClE,kEAAkE;AAClE,uEAAuE;AACvE,iEAAiE;AACjE,MAAM,UAAU,uBAAuB,CAAC,GAAW,EAAE,QAAgB;IACnE,IAAI,MAAW,CAAC;IAChB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,cAAc,CAAC;IACxB,CAAC;IACD,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;QACjD,OAAO,cAAc,CAAC;IACxB,CAAC;IACD,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;IAC3C,MAAM,IAAI,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IAEpC,oEAAoE;IACpE,kEAAkE;IAClE,aAAa;IACb,IACE,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC;QACrC,IAAI,CAAC,QAAQ,CAAC,2BAA2B,CAAC;QAC1C,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC;QAC5B,IAAI,CAAC,QAAQ,CAAC,2BAA2B,CAAC;QAC1C,IAAI,CAAC,QAAQ,CAAC,oBAAoB,CAAC;QACnC,IAAI,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EACpC,CAAC;QACD,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,iEAAiE;IACjE,sDAAsD;IACtD,IACE,IAAI,CAAC,QAAQ,CAAC,wBAAwB,CAAC;QACvC,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC;QACrC,IAAI,CAAC,QAAQ,CAAC,uBAAuB,CAAC,EACtC,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,mEAAmE;IACnE,6DAA6D;IAC7D,gEAAgE;IAChE,oCAAoC;IACpC,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,mEAAmE;AACnE,oEAAoE;AACpE,iEAAiE;AACjE,kEAAkE;AAClE,gEAAgE;AAChE,gEAAgE;AAChE,kEAAkE;AAClE,kEAAkE;AAClE,iEAAiE;AACjE,iEAAiE;AACjE,2BAA2B;AAC3B,EAAE;AACF,qEAAqE;AACrE,oEAAoE;AACpE,mEAAmE;AACnE,kEAAkE;AAClE,gEAAgE;AAChE,kEAAkE;AAClE,mEAAmE;AACnE,kCAAkC;AAClC,EAAE;AACF,oEAAoE;AACpE,iEAAiE;AACjE,uBAAuB;AACvB,MAAM,UAAU,2BAA2B,CAAC,QAAgB;IAC1D,MAAM,IAAI,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACzD,OAAO,CACL,IAAI,CAAC,QAAQ,CAAC,sCAAsC,CAAC;QACrD,iEAAiE;QACjE,kCAAkC;QAClC,IAAI,CAAC,QAAQ,CAAC,+BAA+B,CAAC,CAC/C,CAAC;AACJ,CAAC;AAED,kEAAkE;AAClE,kEAAkE;AAClE,mEAAmE;AACnE,kEAAkE;AAClE,MAAM,CAAC,MAAM,gCAAgC,GAAG,uBAAuB,CAAC;AAExE,wEAAwE;AACxE,sEAAsE;AACtE,oEAAoE;AACpE,mEAAmE;AACnE,sEAAsE;AACtE,gDAAgD;AAChD,MAAM,mBAAmB,GAAwB,IAAI,GAAG,CAAC,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC,CAAC;AAEtF,kEAAkE;AAClE,gEAAgE;AAChE,sEAAsE;AACtE,MAAM,UAAU,oBAAoB,CAAC,MAAyB;IAC5D,OAAO,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AAC9E,CAAC;AAYD,MAAM,CAAC,MAAM,eAAe,GAA2C;IACrE,MAAM,EAAE;QACN,EAAE,EAAE,QAAQ;QACZ,KAAK,EAAE,QAAQ;QACf,aAAa,EAAE,QAAQ;QACvB,iBAAiB,EAAE,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE;YAC/B,MAAM,KAAK,GAAG,uBAAuB,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YACjD,OAAO,KAAK,KAAK,YAAY,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,KAAK,CAAC;QACzD,CAAC;QACD,cAAc,EAAE,oBAAoB;KACrC;IACD,MAAM,EAAE;QACN,EAAE,EAAE,QAAQ;QACZ,KAAK,EAAE,QAAQ;QACf,aAAa,EAAE,QAAQ;QACvB,iBAAiB,EAAE,uBAAuB;QAC1C,cAAc,EAAE,oBAAoB;KACrC;CACF,CAAC;AAEF,qDAAqD;AACrD,MAAM,UAAU,iBAAiB,CAAC,KAAa;IAC7C,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,QAAQ,CAAC;AAClD,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@trusty-squire/mcp",
|
|
3
|
-
"version": "0.6.14-rc.
|
|
3
|
+
"version": "0.6.14-rc.35",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"description": "Local MCP server vibe coding agents install. Thin relay to the Trusty Squire API, with the bundled universal signup bot.",
|
|
6
6
|
"main": "./dist/server.js",
|