@x-code-cli/core 0.2.10 → 0.3.1

package/dist/mcp/client.js

@@ -0,0 +1,376 @@
+// @x-code-cli/core — Per-server MCP client wrapper
+//
+// One McpClient instance == one server connection. The class hides the
+// SDK's slightly awkward two-object setup (`new Client(...)` +
+// `new XxxTransport(...)` + `client.connect(transport)`) behind one
+// `connect()` method, owns transport teardown on `close()`, and exposes a
+// narrow surface (listTools / callTool / listResources / readResource /
+// close) that the registry actually needs.
+//
+// abortSignal threading: every server-bound RPC method takes an optional
+// AbortSignal and forwards it via `RequestOptions.signal`. When the user
+// hits Esc mid-tool-call the agent loop's signal aborts the SDK request,
+// which closes the JSON-RPC future without killing the underlying
+// connection — the next call can reuse the same transport.
+import { UnauthorizedError } from '@modelcontextprotocol/sdk/client/auth.js';
+import { Client } from '@modelcontextprotocol/sdk/client/index.js';
+import { StdioClientTransport } from '@modelcontextprotocol/sdk/client/stdio.js';
+import { StreamableHTTPClientTransport } from '@modelcontextprotocol/sdk/client/streamableHttp.js';
+import { debugLog } from '../utils.js';
+import { VERSION } from '../version.js';
+import { McpOAuthProvider } from './oauth/provider.js';
+import { isHttpConfig, isStdioConfig, } from './types.js';
+/** How many tail lines of stderr to keep around for diagnostics.
+ *  When a stdio server dies on startup or fails mid-call, surfacing the
+ *  last bit of its stderr in `/mcp list` is the difference between a
+ *  meaningful error and a useless "exit code 1". */
+const STDERR_TAIL_LINES = 20;
+const CLIENT_INFO = { name: 'x-code-cli', version: VERSION };
+/** Default first-connect timeout (ms). Overridable per-server via the
+ *  config's `timeout` field. 30s is generous — community stdio servers
+ *  are usually up in 100-500ms; the budget is for slow npx installs on
+ *  cold cache, not normal operation. */
+const DEFAULT_CONNECT_TIMEOUT_MS = 30_000;
+export class McpClient {
+    serverName;
+    config;
+    authProvider;
+    /** SDK client. Only present after a successful connect. */
+    client = null;
+    /** SDK transport. Owned by us so we can `close()` it cleanly. */
+    transport = null;
+    /** Rolling tail of stderr (stdio servers only). */
+    stderrTail = [];
+    /** Cached results from the last connect, served to the registry. */
+    cachedTools = [];
+    cachedResources = [];
+    constructor(serverName, config, 
+    /** Optional OAuth provider for HTTP servers. Stdio servers ignore this. */
+    authProvider) {
+        this.serverName = serverName;
+        this.config = config;
+        this.authProvider = authProvider;
+    }
+    /** Spawn / dial the server and complete the MCP initialize handshake.
+     *  On success, populates internal tool + resource caches. On failure,
+     *  cleans up the transport (no zombie subprocess) and re-throws. */
+    async connect() {
+        const timeout = this.config.timeout ?? DEFAULT_CONNECT_TIMEOUT_MS;
+        this.transport = this.buildTransport();
+        this.client = new Client(CLIENT_INFO, { capabilities: {} });
+        // SDK's connect() runs the initialize roundtrip and resolves once the
+        // server has acknowledged. Race it against an explicit timer because
+        // a stuck stdio child (e.g. npx hanging on registry fetch) wouldn't
+        // surface as an error otherwise — it'd just sit there.
+        const ctrl = new AbortController();
+        const timer = setTimeout(() => ctrl.abort(), timeout);
+        try {
+            await this.client.connect(this.transport, { signal: ctrl.signal });
+        }
+        catch (err) {
+            // UnauthorizedError is the expected throw during an OAuth flow:
+            // the SDK has called redirectToAuthorization and now wants the
+            // caller to finishAuth(code) on the SAME transport. If we tear
+            // down here, runOAuthDance loses its handle and can't complete
+            // the exchange. Leave transport + client alive; the caller
+            // (runOAuthDance) or finally-shutdown path will clean up. For
+            // any other error we still safeClose to avoid leaking a child
+            // process / dangling HTTP connection.
+            if (!isUnauthorizedError(err)) {
+                await this.safeClose();
+            }
+            throw this.enrichError(err);
+        }
+        finally {
+            clearTimeout(timer);
+        }
+        // Discover capabilities. Tools/resources are independent — a server
+        // can offer one without the other — and we tolerate either listing
+        // throwing (some servers reject `listResources` if they have none).
+        try {
+            const tools = await this.client.listTools();
+            this.cachedTools = (tools.tools ?? []).map((t) => ({
+                name: t.name,
+                description: t.description ?? '',
+                inputSchema: t.inputSchema ?? {},
+            }));
+        }
+        catch (err) {
+            debugLog('mcp.listTools-failed', `${this.serverName}: ${String(err)}`);
+            this.cachedTools = [];
+        }
+        try {
+            const resources = await this.client.listResources();
+            this.cachedResources = (resources.resources ?? []).map((r) => ({
+                uri: r.uri,
+                name: r.name ?? r.uri,
+                description: r.description,
+                mimeType: r.mimeType,
+                serverName: this.serverName,
+            }));
+        }
+        catch (err) {
+            debugLog('mcp.listResources-failed', `${this.serverName}: ${String(err)}`);
+            this.cachedResources = [];
+        }
+        return {
+            toolCount: this.cachedTools.length,
+            resourceCount: this.cachedResources.length,
+        };
+    }
+    /** Tools discovered at connect time. Stable for the connection lifetime;
+     *  refresh by calling connect() again on a fresh McpClient. */
+    tools() {
+        return this.cachedTools;
+    }
+    resources() {
+        return this.cachedResources;
+    }
+    /** Connect with a full interactive OAuth round-trip.
+     *
+     *  The MCP SDK's StreamableHTTP transport handles auth lazily: a fresh
+     *  connect with no stored token calls `authProvider.redirectToAuthorization`
+     *  and then throws `UnauthorizedError` because the token-exchange step
+     *  has to wait for the user. The caller is expected to wait for the
+     *  redirect callback to land, hand the authorization code to
+     *  `transport.finishAuth(code)`, then retry connect — at which point
+     *  tokens are saved and the next attempt succeeds.
+     *
+     *  We encapsulate that dance here so that the `/mcp auth` handler can
+     *  opt into "drive OAuth to completion" without knowing about
+     *  `finishAuth`. The default `connect()` path keeps the OAuth provider
+     *  PASSIVE — `redirectToAuthorization` is a no-op until we flip
+     *  `setInteractive(true)` here, so CLI boot doesn't accidentally pop a
+     *  browser window for servers in `needs_auth`. */
+    async connectWithOAuth(hooks = {}) {
+        if (!this.authProvider) {
+            throw new Error(`MCP server "${this.serverName}" has no OAuth provider configured`);
+        }
+        if (!(this.authProvider instanceof McpOAuthProvider)) {
+            // Allow third-party providers but skip our `waitForAuthCode` hook —
+            // they're expected to handle the flow themselves.
+            return this.connect();
+        }
+        const provider = this.authProvider;
+        // Eagerly start the callback server so the real loopback port is
+        // bound to `clientMetadata.redirect_uris` and `redirectUrl` BEFORE
+        // the SDK builds the dynamic-registration request. Otherwise we
+        // register with a port-less placeholder and Sentry (and any other
+        // auth server that doesn't honour RFC 8252 §7.3 loopback any-port)
+        // rejects the auth URL's real-port redirect_uri as "Invalid".
+        await provider.prepareForAuth();
+        // Tee the browser-open notification through the caller's hook so the
+        // /mcp auth handler can print into the CLI scrollback alongside the
+        // provider's own onOpenBrowser callback. We monkey-patch the method
+        // for the lifetime of THIS call (try/finally restores it). The
+        // provider doesn't expose an event API, but patching one method on
+        // one instance for one flow is bounded enough to be safe.
+        const originalRedirect = provider.redirectToAuthorization.bind(provider);
+        if (hooks.onBrowserOpen) {
+            provider.redirectToAuthorization = async (url) => {
+                try {
+                    hooks.onBrowserOpen?.(url.toString());
+                }
+                catch {
+                    // Hook failures must not abort the OAuth flow.
+                }
+                return originalRedirect(url);
+            };
+        }
+        try {
+            return await this.runOAuthDance();
+        }
+        finally {
+            provider.setInteractive(false);
+            if (hooks.onBrowserOpen) {
+                provider.redirectToAuthorization = originalRedirect;
+            }
+        }
+    }
+    /** The actual two-phase connect: attempt-1 fires redirect, then we
+     *  wait for the user, finish the auth, attempt-2 lands a real
+     *  session. Both attempts share `cachedTools` / `cachedResources`. */
+    async runOAuthDance() {
+        const provider = this.authProvider;
+        // First attempt: most likely throws UnauthorizedError after the
+        // browser has been launched. If tokens were somehow already valid
+        // (stale state on disk) this succeeds and we short-circuit out.
+        try {
+            return await this.connect();
+        }
+        catch (err) {
+            // Anything that isn't "we need to wait for the user" propagates.
+            if (!isUnauthorizedError(err)) {
+                provider.cancel();
+                throw err;
+            }
+        }
+        // The provider has already called redirectToAuthorization (the SDK
+        // does that internally before throwing). Now wait for the user to
+        // come back via the callback server, then complete the exchange.
+        const { code } = await provider.waitForAuthCode();
+        const transport = this.transport;
+        if (!(transport instanceof StreamableHTTPClientTransport)) {
+            throw new Error(`Internal error: OAuth flow expected an HTTP transport for "${this.serverName}"`);
+        }
+        await transport.finishAuth(code);
+        // Tokens are now saved. The first attempt left the client + transport
+        // in a half-open state (the SDK's connect threw mid-handshake); we
+        // need a clean transport for the retry, so close and rebuild. This
+        // also means the SDK's initialize roundtrip happens against a fresh
+        // socket, avoiding any "already connected" / state-leak surprises.
+        await this.safeClose();
+        return this.connect();
+    }
+    async callTool(name, args, signal) {
+        if (!this.client)
+            throw new Error(`MCP server "${this.serverName}" is not connected`);
+        const result = await this.client.callTool({ name, arguments: args }, undefined, { signal });
+        return flattenCallResult(result);
+    }
+    async readResource(uri, signal) {
+        if (!this.client)
+            throw new Error(`MCP server "${this.serverName}" is not connected`);
+        const result = await this.client.readResource({ uri }, { signal });
+        // Resources return an array of content blocks; concatenate text
+        // representations, preserving the first mimeType for the caller.
+        const parts = [];
+        let mimeType;
+        for (const c of result.contents ?? []) {
+            mimeType ??= c.mimeType;
+            const text = c.text;
+            if (typeof text === 'string')
+                parts.push(text);
+            else if (c.blob !== undefined) {
+                parts.push(`[binary content omitted, mimeType=${mimeType ?? 'unknown'}]`);
+            }
+        }
+        return { text: parts.join('\n'), mimeType };
+    }
+    /** Snapshot the last N stderr lines for diagnostics. Empty for HTTP. */
+    stderr() {
+        return this.stderrTail.join('\n');
+    }
+    async close() {
+        await this.safeClose();
+    }
+    // ── internals ──────────────────────────────────────────────────────────
+    buildTransport() {
+        if (isStdioConfig(this.config)) {
+            const t = new StdioClientTransport({
+                command: this.config.command,
+                args: this.config.args,
+                env: this.config.env,
+                cwd: this.config.cwd,
+                // Pipe stderr so we can capture diagnostics. Default "inherit"
+                // would dump the child's noise into the parent CLI's terminal,
+                // scrambling our cell-buffer UI.
+                stderr: 'pipe',
+            });
+            const stderr = t.stderr;
+            if (stderr) {
+                stderr.on('data', (chunk) => {
+                    const text = typeof chunk === 'string' ? chunk : chunk.toString('utf8');
+                    for (const line of text.split(/\r?\n/)) {
+                        if (!line)
+                            continue;
+                        this.stderrTail.push(line);
+                        if (this.stderrTail.length > STDERR_TAIL_LINES)
+                            this.stderrTail.shift();
+                    }
+                });
+            }
+            return t;
+        }
+        if (isHttpConfig(this.config)) {
+            return new StreamableHTTPClientTransport(new URL(this.config.url), {
+                requestInit: this.config.headers ? { headers: this.config.headers } : undefined,
+                authProvider: this.authProvider,
+            });
+        }
+        // Schema validation upstream should prevent this, but be defensive.
+        throw new Error(`mcp server "${this.serverName}": unrecognised config shape`);
+    }
+    async safeClose() {
+        // SDK's Client.close() also closes the transport. We try client first
+        // because it sends a proper shutdown notification; falling back to
+        // transport.close() if the client was never built (e.g. constructor
+        // threw before assignment).
+        try {
+            if (this.client) {
+                await this.client.close();
+            }
+            else if (this.transport) {
+                await this.transport.close();
+            }
+        }
+        catch (err) {
+            debugLog('mcp.close-error', `${this.serverName}: ${String(err)}`);
+        }
+        finally {
+            this.client = null;
+            this.transport = null;
+        }
+    }
+    /** Attach stderr tail (if any) to a connect error so /mcp list shows
+     *  something more useful than "Connection closed". */
+    enrichError(err) {
+        const base = err instanceof Error ? err : new Error(String(err));
+        if (this.stderrTail.length === 0)
+            return base;
+        const tail = this.stderrTail.slice(-5).join(' | ');
+        const enriched = new Error(`${base.message} — stderr: ${tail}`);
+        enriched.stack = base.stack;
+        return enriched;
+    }
+}
+/** Pattern-match an UnauthorizedError from the SDK without depending
+ *  on instanceof (which can be fragile across bundling boundaries when
+ *  the SDK is duplicated under different esm/cjs roots). The SDK exports
+ *  the class directly though, so we use both checks. */
+function isUnauthorizedError(err) {
+    if (err instanceof UnauthorizedError)
+        return true;
+    if (err instanceof Error) {
+        if (err.name === 'UnauthorizedError')
+            return true;
+        if (/unauthorized|401/i.test(err.message))
+            return true;
+    }
+    return false;
+}
+/** Flatten MCP call result content blocks into a single string.
+ *  MCP responses are an array of `{ type: "text" | "image" | ... }`
+ *  blocks. For tool_result we only care about the text; images/audio are
+ *  noted but not actually surfaced (the agent loop doesn't ingest images
+ *  from tool results, only from user input). */
+function flattenCallResult(result) {
+    const r = result;
+    const blocks = Array.isArray(r.content) ? r.content : [];
+    const parts = [];
+    for (const b of blocks) {
+        const block = b;
+        if (block.type === 'text' && typeof block.text === 'string') {
+            parts.push(block.text);
+        }
+        else if (block.type === 'image') {
+            parts.push(`[image content omitted, mimeType=${block.mimeType ?? 'unknown'}]`);
+        }
+        else if (block.type === 'resource') {
+            // Embedded resource — surface a one-line marker + any nested text.
+            const nested = block.resource;
+            if (nested?.text)
+                parts.push(nested.text);
+            else if (nested?.uri)
+                parts.push(`[resource: ${nested.uri}]`);
+        }
+        else if (block.type) {
+            parts.push(`[${block.type} content]`);
+        }
+    }
+    return {
+        text: parts.join('\n').trim() || '(empty response)',
+        isError: r.isError === true,
+    };
+}
+//# sourceMappingURL=client.js.map

package/dist/mcp/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/mcp/client.ts"],"names":[],"mappings":"AAAA,mDAAmD;AACnD,EAAE;AACF,uEAAuE;AACvE,+DAA+D;AAC/D,oEAAoE;AACpE,0EAA0E;AAC1E,wEAAwE;AACxE,2CAA2C;AAC3C,EAAE;AACF,yEAAyE;AACzE,yEAAyE;AACzE,yEAAyE;AACzE,kEAAkE;AAClE,2DAA2D;AAC3D,OAAO,EAA4B,iBAAiB,EAAE,MAAM,0CAA0C,CAAA;AACtG,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAA;AAClE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAA;AAChF,OAAO,EAAE,6BAA6B,EAAE,MAAM,oDAAoD,CAAA;AAKlG,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAA;AACtC,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAA;AACvC,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AACtD,OAAO,EAIL,YAAY,EACZ,aAAa,GACd,MAAM,YAAY,CAAA;AAEnB;;;oDAGoD;AACpD,MAAM,iBAAiB,GAAG,EAAE,CAAA;AAE5B,MAAM,WAAW,GAAG,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,OAAO,EAAE,CAAA;AAE5D;;;wCAGwC;AACxC,MAAM,0BAA0B,GAAG,MAAM,CAAA;AAOzC,MAAM,OAAO,SAAS;IAYF;IACC;IAEA;IAdnB,2DAA2D;IACnD,MAAM,GAAkB,IAAI,CAAA;IACpC,iEAAiE;IACzD,SAAS,GAAqB,IAAI,CAAA;IAC1C,mDAAmD;IAC3C,UAAU,GAAa,EAAE,CAAA;IACjC,oEAAoE;IAC5D,WAAW,GAAwF,EAAE,CAAA;IACrG,eAAe,GAAuB,EAAE,CAAA;IAEhD,YACkB,UAAkB,EACjB,MAAuB;IACxC,2EAA2E;IAC1D,YAAkC;QAHnC,eAAU,GAAV,UAAU,CAAQ;QACjB,WAAM,GAAN,MAAM,CAAiB;QAEvB,iBAAY,GAAZ,YAAY,CAAsB;IAClD,CAAC;IAEJ;;wEAEoE;IACpE,KAAK,CAAC,OAAO;QACX,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,0BAA0B,CAAA;QAEjE,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,cAAc,EAAE,CAAA;QACtC,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CAAC,WAAW,EAAE,EAAE,YAAY,EAAE,EAAE,EAAE,CAAC,CAAA;QAE3D,sEAAsE;QACtE,qEAAqE;QACrE,oEAAoE;QACpE,uDAAuD;QACvD,MAAM,IAAI,GAAG,IAAI,eAAe,EAAE,CAAA;QAClC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,OAAO,CAAC,CAAA;QACrD,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAA;QACpE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,gEAAgE;YAChE,+DAA+D;YAC/D,+DAA+D;YAC/D,+DAA+D;YAC/D,2DAA2D;YAC3D,8DAA8D;YAC9D,8DAA8D;YAC9D,sCAAsC;YACtC,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC9B,MAAM,IAAI,CAAC,SAAS,EAAE,CAAA;YACxB,CAAC;YACD,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAA;QAC7B,CAAC;gBAAS,CAAC;YACT,YAAY,CAAC,KAAK,CAAC,CAAA;QACrB,CAAC;QAED,oEAAoE;QACpE,mEAAmE;QACnE,oEAAoE;QACpE,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;YAC3C,IAAI,CAAC,WAAW,GAAG,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACjD,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,WAAW,EAAE,CAAC,CAAC,WAAW,IAAI,EAAE;gBAChC,WAAW,EAAG,CAAC,CAAC,WAAuC,IAAI,EAAE;aAC9D,CAAC,CAAC,CAAA;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,QAAQ,CAAC,sBAAsB,EAAE,GAAG,IAAI,CAAC,UAAU,KAAK,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;YACtE,IAAI,CAAC,WAAW,GAAG,EAAE,CAAA;QACvB,CAAC;QAED,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAA;YACnD,IAAI,CAAC,eAAe,GAAG,CAAC,SAAS,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC7D,GAAG,EAAE,CAAC,CAAC,GAAG;gBACV,IAAI,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,GAAG;gBACrB,WAAW,EAAE,CAAC,CAAC,WAAW;gBAC1B,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,UAAU,EAAE,IAAI,CAAC,UAAU;aAC5B,CAAC,CAAC,CAAA;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,QAAQ,CAAC,0BAA0B,EAAE,GAAG,IAAI,CAAC,UAAU,KAAK,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;YAC1E,IAAI,CAAC,eAAe,GAAG,EAAE,CAAA;QAC3B,CAAC;QAED,OAAO;YACL,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,MAAM;YAClC,aAAa,EAAE,IAAI,CAAC,eAAe,CAAC,MAAM;SAC3C,CAAA;IACH,CAAC;IAED;mEAC+D;IAC/D,KAAK;QACH,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAED,SAAS;QACP,OAAO,IAAI,CAAC,eAAe,CAAA;IAC7B,CAAC;IAED;;;;;;;;;;;;;;;sDAekD;IAClD,KAAK,CAAC,gBAAgB,CAAC,QAAmD,EAAE;QAC1E,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,eAAe,IAAI,CAAC,UAAU,oCAAoC,CAAC,CAAA;QACrF,CAAC;QACD,IAAI,CAAC,CAAC,IAAI,CAAC,YAAY,YAAY,gBAAgB,CAAC,EAAE,CAAC;YACrD,oEAAoE;YACpE,kDAAkD;YAClD,OAAO,IAAI,CAAC,OAAO,EAAE,CAAA;QACvB,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAA;QAElC,iEAAiE;QACjE,mEAAmE;QACnE,gEAAgE;QAChE,kEAAkE;QAClE,mEAAmE;QACnE,8DAA8D;QAC9D,MAAM,QAAQ,CAAC,cAAc,EAAE,CAAA;QAE/B,qEAAqE;QACrE,oEAAoE;QACpE,oEAAoE;QACpE,+DAA+D;QAC/D,mEAAmE;QACnE,0DAA0D;QAC1D,MAAM,gBAAgB,GAAG,QAAQ,CAAC,uBAAuB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACxE,IAAI,KAAK,CAAC,aAAa,EAAE,CAAC;YACxB,QAAQ,CAAC,uBAAuB,GAAG,KAAK,EAAE,GAAQ,EAAE,EAAE;gBACpD,IAAI,CAAC;oBACH,KAAK,CAAC,aAAa,EAAE,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAA;gBACvC,CAAC;gBAAC,MAAM,CAAC;oBACP,+CAA+C;gBACjD,CAAC;gBACD,OAAO,gBAAgB,CAAC,GAAG,CAAC,CAAA;YAC9B,CAAC,CAAA;QACH,CAAC;QACD,IAAI,CAAC;YACH,OAAO,MAAM,IAAI,CAAC,aAAa,EAAE,CAAA;QACnC,CAAC;gBAAS,CAAC;YACT,QAAQ,CAAC,cAAc,CAAC,KAAK,CAAC,CAAA;YAC9B,IAAI,KAAK,CAAC,aAAa,EAAE,CAAC;gBACxB,QAAQ,CAAC,uBAAuB,GAAG,gBAAgB,CAAA;YACrD,CAAC;QACH,CAAC;IACH,CAAC;IAED;;0EAEsE;IAC9D,KAAK,CAAC,aAAa;QACzB,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAgC,CAAA;QAEtD,gEAAgE;QAChE,kEAAkE;QAClE,gEAAgE;QAChE,IAAI,CAAC;YACH,OAAO,MAAM,IAAI,CAAC,OAAO,EAAE,CAAA;QAC7B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,iEAAiE;YACjE,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC9B,QAAQ,CAAC,MAAM,EAAE,CAAA;gBACjB,MAAM,GAAG,CAAA;YACX,CAAC;QACH,CAAC;QAED,mEAAmE;QACnE,kEAAkE;QAClE,iEAAiE;QACjE,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,QAAQ,CAAC,eAAe,EAAE,CAAA;QACjD,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAA;QAChC,IAAI,CAAC,CAAC,SAAS,YAAY,6BAA6B,CAAC,EAAE,CAAC;YAC1D,MAAM,IAAI,KAAK,CAAC,8DAA8D,IAAI,CAAC,UAAU,GAAG,CAAC,CAAA;QACnG,CAAC;QACD,MAAM,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,CAAA;QAEhC,sEAAsE;QACtE,mEAAmE;QACnE,mEAAmE;QACnE,oEAAoE;QACpE,mEAAmE;QACnE,MAAM,IAAI,CAAC,SAAS,EAAE,CAAA;QACtB,OAAO,IAAI,CAAC,OAAO,EAAE,CAAA;IACvB,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,IAAY,EAAE,IAAa,EAAE,MAAoB;QAC9D,IAAI,CAAC,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,eAAe,IAAI,CAAC,UAAU,oBAAoB,CAAC,CAAA;QACrF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CACvC,EAAE,IAAI,EAAE,SAAS,EAAE,IAA2C,EAAE,EAChE,SAAS,EACT,EAAE,MAAM,EAAE,CACX,CAAA;QACD,OAAO,iBAAiB,CAAC,MAAM,CAAC,CAAA;IAClC,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,GAAW,EAAE,MAAoB;QAClD,IAAI,CAAC,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,eAAe,IAAI,CAAC,UAAU,oBAAoB,CAAC,CAAA;QACrF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;QAClE,gEAAgE;QAChE,iEAAiE;QACjE,MAAM,KAAK,GAAa,EAAE,CAAA;QAC1B,IAAI,QAA4B,CAAA;QAChC,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,IAAI,EAAE,EAAE,CAAC;YACtC,QAAQ,KAAM,CAA2B,CAAC,QAAQ,CAAA;YAClD,MAAM,IAAI,GAAI,CAAuB,CAAC,IAAI,CAAA;YAC1C,IAAI,OAAO,IAAI,KAAK,QAAQ;gBAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;iBACzC,IAAK,CAAuB,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;gBACrD,KAAK,CAAC,IAAI,CAAC,qCAAqC,QAAQ,IAAI,SAAS,GAAG,CAAC,CAAA;YAC3E,CAAC;QACH,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,CAAA;IAC7C,CAAC;IAED,wEAAwE;IACxE,MAAM;QACJ,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IACnC,CAAC;IAED,KAAK,CAAC,KAAK;QACT,MAAM,IAAI,CAAC,SAAS,EAAE,CAAA;IACxB,CAAC;IAED,0EAA0E;IAElE,cAAc;QACpB,IAAI,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;YAC/B,MAAM,CAAC,GAAG,IAAI,oBAAoB,CAAC;gBACjC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;gBAC5B,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI;gBACtB,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG;gBACpB,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG;gBACpB,+DAA+D;gBAC/D,+DAA+D;gBAC/D,iCAAiC;gBACjC,MAAM,EAAE,MAAM;aACf,CAAC,CAAA;YACF,MAAM,MAAM,GAAkB,CAAC,CAAC,MAAM,CAAA;YACtC,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAsB,EAAE,EAAE;oBAC3C,MAAM,IAAI,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAA;oBACvE,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;wBACvC,IAAI,CAAC,IAAI;4BAAE,SAAQ;wBACnB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;wBAC1B,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,iBAAiB;4BAAE,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAA;oBACzE,CAAC;gBACH,CAAC,CAAC,CAAA;YACJ,CAAC;YACD,OAAO,CAAC,CAAA;QACV,CAAC;QAED,IAAI,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;YAC9B,OAAO,IAAI,6BAA6B,CAAC,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;gBACjE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,SAAS;gBAC/E,YAAY,EAAE,IAAI,CAAC,YAAY;aAChC,CAAC,CAAA;QACJ,CAAC;QAED,oEAAoE;QACpE,MAAM,IAAI,KAAK,CAAC,eAAe,IAAI,CAAC,UAAU,8BAA8B,CAAC,CAAA;IAC/E,CAAC;IAEO,KAAK,CAAC,SAAS;QACrB,sEAAsE;QACtE,mEAAmE;QACnE,oEAAoE;QACpE,4BAA4B;QAC5B,IAAI,CAAC;YACH,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAChB,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAA;YAC3B,CAAC;iBAAM,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;gBAC1B,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAA;YAC9B,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,QAAQ,CAAC,iBAAiB,EAAE,GAAG,IAAI,CAAC,UAAU,KAAK,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;QACnE,CAAC;gBAAS,CAAC;YACT,IAAI,CAAC,MAAM,GAAG,IAAI,CAAA;YAClB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAA;QACvB,CAAC;IACH,CAAC;IAED;0DACsD;IAC9C,WAAW,CAAC,GAAY;QAC9B,MAAM,IAAI,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAA;QAChE,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAA;QAC7C,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QAClD,MAAM,QAAQ,GAAG,IAAI,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,cAAc,IAAI,EAAE,CAAC,CAAA;QAC/D,QAAQ,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAA;QAC3B,OAAO,QAAQ,CAAA;IACjB,CAAC;CACF;AAED;;;wDAGwD;AACxD,SAAS,mBAAmB,CAAC,GAAY;IACvC,IAAI,GAAG,YAAY,iBAAiB;QAAE,OAAO,IAAI,CAAA;IACjD,IAAI,GAAG,YAAY,KAAK,EAAE,CAAC;QACzB,IAAI,GAAG,CAAC,IAAI,KAAK,mBAAmB;YAAE,OAAO,IAAI,CAAA;QACjD,IAAI,mBAAmB,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC;YAAE,OAAO,IAAI,CAAA;IACxD,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC;AAED;;;;gDAIgD;AAChD,SAAS,iBAAiB,CAAC,MAAe;IACxC,MAAM,CAAC,GAAG,MAAyD,CAAA;IACnE,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAA;IACxD,MAAM,KAAK,GAAa,EAAE,CAAA;IAC1B,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,MAAM,KAAK,GAAG,CAAwE,CAAA;QACtF,IAAI,KAAK,CAAC,IAAI,KAAK,MAAM,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC5D,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACxB,CAAC;aAAM,IAAI,KAAK,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;YAClC,KAAK,CAAC,IAAI,CAAC,oCAAoC,KAAK,CAAC,QAAQ,IAAI,SAAS,GAAG,CAAC,CAAA;QAChF,CAAC;aAAM,IAAI,KAAK,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;YACrC,mEAAmE;YACnE,MAAM,MAAM,GAAI,KAAwD,CAAC,QAAQ,CAAA;YACjF,IAAI,MAAM,EAAE,IAAI;gBAAE,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;iBACpC,IAAI,MAAM,EAAE,GAAG;gBAAE,KAAK,CAAC,IAAI,CAAC,cAAc,MAAM,CAAC,GAAG,GAAG,CAAC,CAAA;QAC/D,CAAC;aAAM,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;YACtB,KAAK,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,IAAI,WAAW,CAAC,CAAA;QACvC,CAAC;IACH,CAAC;IACD,OAAO;QACL,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,IAAI,kBAAkB;QACnD,OAAO,EAAE,CAAC,CAAC,OAAO,KAAK,IAAI;KAC5B,CAAA;AACH,CAAC"}

package/dist/mcp/config-schema.d.ts

@@ -0,0 +1,64 @@
+import { z } from 'zod';
+import type { McpServerConfig } from './types.js';
+export declare const mcpServersSchema: z.ZodRecord<z.ZodString, z.ZodEffects<z.ZodObject<{
+    command: z.ZodOptional<z.ZodString>;
+    args: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    env: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+    cwd: z.ZodOptional<z.ZodString>;
+    url: z.ZodOptional<z.ZodString>;
+    headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+    timeout: z.ZodOptional<z.ZodNumber>;
+    enabled: z.ZodOptional<z.ZodBoolean>;
+}, "strip", z.ZodTypeAny, {
+    timeout?: number | undefined;
+    env?: Record<string, string> | undefined;
+    cwd?: string | undefined;
+    args?: string[] | undefined;
+    url?: string | undefined;
+    command?: string | undefined;
+    headers?: Record<string, string> | undefined;
+    enabled?: boolean | undefined;
+}, {
+    timeout?: number | undefined;
+    env?: Record<string, string> | undefined;
+    cwd?: string | undefined;
+    args?: string[] | undefined;
+    url?: string | undefined;
+    command?: string | undefined;
+    headers?: Record<string, string> | undefined;
+    enabled?: boolean | undefined;
+}>, {
+    timeout?: number | undefined;
+    env?: Record<string, string> | undefined;
+    cwd?: string | undefined;
+    args?: string[] | undefined;
+    url?: string | undefined;
+    command?: string | undefined;
+    headers?: Record<string, string> | undefined;
+    enabled?: boolean | undefined;
+}, {
+    timeout?: number | undefined;
+    env?: Record<string, string> | undefined;
+    cwd?: string | undefined;
+    args?: string[] | undefined;
+    url?: string | undefined;
+    command?: string | undefined;
+    headers?: Record<string, string> | undefined;
+    enabled?: boolean | undefined;
+}>>;
+/** Validate a single server config; throw with a context-tagged message
+ *  if it fails. Server name is included so the error tells the user which
+ *  entry in their config.json is broken. */
+export declare function parseServerConfig(name: string, raw: unknown): McpServerConfig;
+/** Validate the entire `mcpServers` block. Returns a partial result:
+ *  every entry that parsed cleanly is included; broken ones surface in
+ *  `errors` so the loader can mark them `failed` without aborting the
+ *  whole config. */
+export declare function parseServersBlock(raw: unknown): {
+    servers: Record<string, McpServerConfig>;
+    errors: Array<{
+        name: string;
+        message: string;
+    }>;
+};
+//# sourceMappingURL=config-schema.d.ts.map

package/dist/mcp/config-schema.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config-schema.d.ts","sourceRoot":"","sources":["../../src/mcp/config-schema.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,YAAY,CAAA;AA6CjD,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAA4C,CAAA;AAEzE;;4CAE4C;AAC5C,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,GAAG,eAAe,CAO7E;AAED;;;oBAGoB;AACpB,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,OAAO,GAAG;IAC/C,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAAA;IACxC,MAAM,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;CACjD,CAmBA"}

package/dist/mcp/config-schema.js

@@ -0,0 +1,86 @@
+// @x-code-cli/core — MCP config Zod schema
+//
+// Validates the `mcpServers` field of ~/.x-code/config.json (and the
+// project-level .x-code/config.json). One schema covers both stdio and
+// streamable-http servers; the union discriminator is field presence:
+// `command` → stdio, `url` → http. Configs that have neither (or both)
+// are rejected before we try to spawn anything.
+import { z } from 'zod';
+/** Single permissive schema covering both transports. Field presence
+ *  (`command` vs `url`) is the discriminator, enforced via superRefine
+ *  rather than z.union — union's per-variant validation hides our
+ *  "exactly one of" rule when neither field is present (Zod just says
+ *  "Invalid input" because no variant matched). With one flat schema
+ *  + superRefine we get readable error messages for every misshape. */
+const serverSchema = z
+    .object({
+    command: z.string().min(1).optional(),
+    args: z.array(z.string()).optional(),
+    env: z.record(z.string(), z.string()).optional(),
+    cwd: z.string().optional(),
+    url: z.string().url().optional(),
+    headers: z.record(z.string(), z.string()).optional(),
+    timeout: z.number().int().positive().optional(),
+    enabled: z.boolean().optional(),
+})
+    .superRefine((v, ctx) => {
+    const hasCommand = typeof v.command === 'string';
+    const hasUrl = typeof v.url === 'string';
+    if (hasCommand && hasUrl) {
+        ctx.addIssue({
+            code: z.ZodIssueCode.custom,
+            message: 'mcpServers entry has both `command` and `url` — set only one',
+        });
+    }
+    if (!hasCommand && !hasUrl) {
+        ctx.addIssue({
+            code: z.ZodIssueCode.custom,
+            message: 'mcpServers entry must set either `command` (stdio) or `url` (http)',
+        });
+    }
+    // Cross-field validation: HTTP-only fields with stdio config, and
+    // vice versa. Not strictly required (extra fields are ignored at
+    // runtime) but the error message catches typos early.
+    if (hasCommand && typeof v.headers !== 'undefined') {
+        ctx.addIssue({ code: z.ZodIssueCode.custom, message: '`headers` is only valid for HTTP servers' });
+    }
+    if (hasUrl && (v.args || v.env || v.cwd)) {
+        ctx.addIssue({ code: z.ZodIssueCode.custom, message: '`args`/`env`/`cwd` are only valid for stdio servers' });
+    }
+});
+export const mcpServersSchema = z.record(z.string().min(1), serverSchema);
+/** Validate a single server config; throw with a context-tagged message
+ *  if it fails. Server name is included so the error tells the user which
+ *  entry in their config.json is broken. */
+export function parseServerConfig(name, raw) {
+    const result = serverSchema.safeParse(raw);
+    if (!result.success) {
+        const issues = result.error.issues.map((i) => i.message).join('; ');
+        throw new Error(`mcpServers.${name}: ${issues}`);
+    }
+    return result.data;
+}
+/** Validate the entire `mcpServers` block. Returns a partial result:
+ *  every entry that parsed cleanly is included; broken ones surface in
+ *  `errors` so the loader can mark them `failed` without aborting the
+ *  whole config. */
+export function parseServersBlock(raw) {
+    const servers = {};
+    const errors = [];
+    if (raw === undefined || raw === null)
+        return { servers, errors };
+    if (typeof raw !== 'object' || Array.isArray(raw)) {
+        errors.push({ name: '(root)', message: 'mcpServers must be an object' });
+        return { servers, errors };
+    }
+    for (const [name, entry] of Object.entries(raw)) {
+        try {
+            servers[name] = parseServerConfig(name, entry);
+        }
+        catch (err) {
+            errors.push({ name, message: err instanceof Error ? err.message : String(err) });
+        }
+    }
+    return { servers, errors };
+}
+//# sourceMappingURL=config-schema.js.map

package/dist/mcp/config-schema.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config-schema.js","sourceRoot":"","sources":["../../src/mcp/config-schema.ts"],"names":[],"mappings":"AAAA,2CAA2C;AAC3C,EAAE;AACF,qEAAqE;AACrE,uEAAuE;AACvE,sEAAsE;AACtE,uEAAuE;AACvE,gDAAgD;AAChD,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAIvB;;;;;uEAKuE;AACvE,MAAM,YAAY,GAAG,CAAC;KACnB,MAAM,CAAC;IACN,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACrC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACpC,GAAG,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAChD,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC1B,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IAChC,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACpD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IAC/C,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;CAChC,CAAC;KACD,WAAW,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE;IACtB,MAAM,UAAU,GAAG,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,CAAA;IAChD,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,KAAK,QAAQ,CAAA;IACxC,IAAI,UAAU,IAAI,MAAM,EAAE,CAAC;QACzB,GAAG,CAAC,QAAQ,CAAC;YACX,IAAI,EAAE,CAAC,CAAC,YAAY,CAAC,MAAM;YAC3B,OAAO,EAAE,8DAA8D;SACxE,CAAC,CAAA;IACJ,CAAC;IACD,IAAI,CAAC,UAAU,IAAI,CAAC,MAAM,EAAE,CAAC;QAC3B,GAAG,CAAC,QAAQ,CAAC;YACX,IAAI,EAAE,CAAC,CAAC,YAAY,CAAC,MAAM;YAC3B,OAAO,EAAE,oEAAoE;SAC9E,CAAC,CAAA;IACJ,CAAC;IACD,kEAAkE;IAClE,iEAAiE;IACjE,sDAAsD;IACtD,IAAI,UAAU,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,WAAW,EAAE,CAAC;QACnD,GAAG,CAAC,QAAQ,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,YAAY,CAAC,MAAM,EAAE,OAAO,EAAE,0CAA0C,EAAE,CAAC,CAAA;IACpG,CAAC;IACD,IAAI,MAAM,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC;QACzC,GAAG,CAAC,QAAQ,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,YAAY,CAAC,MAAM,EAAE,OAAO,EAAE,qDAAqD,EAAE,CAAC,CAAA;IAC/G,CAAC;AACH,CAAC,CAAC,CAAA;AAEJ,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAA;AAEzE;;4CAE4C;AAC5C,MAAM,UAAU,iBAAiB,CAAC,IAAY,EAAE,GAAY;IAC1D,MAAM,MAAM,GAAG,YAAY,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;IAC1C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACnE,MAAM,IAAI,KAAK,CAAC,cAAc,IAAI,KAAK,MAAM,EAAE,CAAC,CAAA;IAClD,CAAC;IACD,OAAO,MAAM,CAAC,IAAuB,CAAA;AACvC,CAAC;AAED;;;oBAGoB;AACpB,MAAM,UAAU,iBAAiB,CAAC,GAAY;IAI5C,MAAM,OAAO,GAAoC,EAAE,CAAA;IACnD,MAAM,MAAM,GAA6C,EAAE,CAAA;IAE3D,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI;QAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAA;IACjE,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAClD,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC,CAAA;QACxE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAA;IAC5B,CAAC;IAED,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAA8B,CAAC,EAAE,CAAC;QAC3E,IAAI,CAAC;YACH,OAAO,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAChD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;QAClF,CAAC;IACH,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAA;AAC5B,CAAC"}

package/dist/mcp/config-writer.d.ts

@@ -0,0 +1,41 @@
+import { type McpServerConfig } from './types.js';
+export type ConfigScope = 'user' | 'project';
+/** Where each scope's config.json lives. Mirrors the same paths the loader
+ *  reads from, so a write here is guaranteed to be picked up on the next
+ *  load (or `/mcp refresh`). */
+export declare function getConfigPath(scope: ConfigScope, cwd: string): string;
+/** Where a given server name currently lives. Returned to the App.tsx
+ *  caller so `/mcp remove` can auto-target the right scope (and detect
+ *  the rare both-scopes ambiguity that forces an explicit --scope). */
+export type DetectScopeResult = {
+    kind: 'not-found';
+} | {
+    kind: 'user';
+} | {
+    kind: 'project';
+} | {
+    kind: 'both';
+};
+export declare function detectScope(name: string, cwd: string): Promise<DetectScopeResult>;
+export declare function serverExists(name: string, scope: ConfigScope, cwd: string): Promise<boolean>;
+/** Add a server to the given scope's config.json. Refuses to overwrite —
+ *  caller must check duplicates first via `serverExists` and surface a
+ *  helpful error including current vs. attempted config. */
+export declare function writeServerToConfig(name: string, config: McpServerConfig, scope: ConfigScope, cwd: string): Promise<{
+    path: string;
+}>;
+/** Remove a server from the given scope's config.json. Idempotent: returns
+ *  `removed: false` when the name wasn't present (or the file didn't exist).
+ *  Leaves the file with an empty `mcpServers: {}` rather than deleting the
+ *  field — preserves the spot for future adds and avoids churn that would
+ *  surprise users diffing the file in git. */
+export declare function removeServerFromConfig(name: string, scope: ConfigScope, cwd: string): Promise<{
+    path: string;
+    removed: boolean;
+}>;
+/** Read the current config for `name` from the given scope, for the
+ *  "already exists, here's what's there" path of /mcp add. Returns null
+ *  if not present. Best-effort: a malformed entry returns null rather
+ *  than throwing — the duplicate-check use case shouldn't crash. */
+export declare function readServerConfig(name: string, scope: ConfigScope, cwd: string): Promise<unknown | null>;
+//# sourceMappingURL=config-writer.d.ts.map

package/dist/mcp/config-writer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config-writer.d.ts","sourceRoot":"","sources":["../../src/mcp/config-writer.ts"],"names":[],"mappings":"AAkBA,OAAO,EAAE,KAAK,eAAe,EAAE,MAAM,YAAY,CAAA;AAEjD,MAAM,MAAM,WAAW,GAAG,MAAM,GAAG,SAAS,CAAA;AAE5C;;gCAEgC;AAChC,wBAAgB,aAAa,CAAC,KAAK,EAAE,WAAW,EAAE,GAAG,EAAE,MAAM,GAAG,MAAM,CAGrE;AAqCD;;uEAEuE;AACvE,MAAM,MAAM,iBAAiB,GAAG;IAAE,IAAI,EAAE,WAAW,CAAA;CAAE,GAAG;IAAE,IAAI,EAAE,MAAM,CAAA;CAAE,GAAG;IAAE,IAAI,EAAE,SAAS,CAAA;CAAE,GAAG;IAAE,IAAI,EAAE,MAAM,CAAA;CAAE,CAAA;AAEjH,wBAAsB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAMvF;AAED,wBAAsB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAKlG;AAED;;4DAE4D;AAC5D,wBAAsB,mBAAmB,CACvC,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,eAAe,EACvB,KAAK,EAAE,WAAW,EAClB,GAAG,EAAE,MAAM,GACV,OAAO,CAAC;IAAE,IAAI,EAAE,MAAM,CAAA;CAAE,CAAC,CAgB3B;AAED;;;;8CAI8C;AAC9C,wBAAsB,sBAAsB,CAC1C,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,WAAW,EAClB,GAAG,EAAE,MAAM,GACV,OAAO,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,OAAO,CAAA;CAAE,CAAC,CAkB7C;AAED;;;oEAGoE;AACpE,wBAAsB,gBAAgB,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,CAU7G"}