npm - @yawlabs/npmjs-mcp - Versions diffs - 0.11.1 → 0.11.3 - Mend

@yawlabs/npmjs-mcp 0.11.1 → 0.11.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.js +28 -11
package/package.json +57 -57

package/dist/index.js CHANGED Viewed

@@ -30437,11 +30437,15 @@ function maxSatisfying(versions, range) {
   for (const sub of subRanges) {
     const parsed = parseRange(sub);
     if (!parsed) continue;
-    const subTargetsPrerelease = /\d+\.\d+\.\d+-/.test(sub);
+    const anchorMatch = sub.match(/(\d+)\.(\d+)\.(\d+)-/);
+    const prereleaseAnchor = anchorMatch ? [Number(anchorMatch[1]), Number(anchorMatch[2]), Number(anchorMatch[3])] : null;
     for (const v of versions) {
-      if (v.includes("-") && !subTargetsPrerelease) continue;
       const vp = parseSemver(v);
       if (!vp) continue;
+      if (v.includes("-")) {
+        if (!prereleaseAnchor) continue;
+        if (vp[0] !== prereleaseAnchor[0] || vp[1] !== prereleaseAnchor[1] || vp[2] !== prereleaseAnchor[2]) continue;
+      }
       if (parsed.min && cmpSemver(vp, parsed.min) < 0) continue;
       if (parsed.max && cmpSemver(vp, parsed.max) >= 0) continue;
       if (!bestParsed || cmpSemver(vp, bestParsed) > 0) {
@@ -30951,8 +30955,10 @@ var authTools = [
     handler: async (input) => {
       const authErr = requireAuth();
       if (authErr) return authErr;
+      const userErr = validateUsername(input.username);
+      if (userErr) return { ok: false, status: 400, error: userErr };
       const res = await registryGetAuth(
-        `/-/user/org.couchdb.user:${encodeURIComponent(input.username)}/package`
+        `/-/user/org.couchdb.user:${encUser(input.username)}/package`
       );
       if (!res.ok) return translateError(res, { op: `user_packages ${input.username}` });
       const packages = Object.entries(res.data).map(([name, access]) => ({ name, access }));
@@ -31242,6 +31248,7 @@ function classifyHookTarget(target) {
   if (/^@[^/]+$/.test(target)) return { type: "scope", name: target };
   return { type: "package", name: target };
 }
+var httpsEndpoint = external_exports3.string().url().refine((u) => u.startsWith("https://"), { message: "Endpoint must use https://" });
 function stripSecrets(data) {
   if (Array.isArray(data)) {
     return data.map((item) => stripSecrets(item));
@@ -31269,7 +31276,7 @@ var hookTools = [
     },
     inputSchema: external_exports3.object({
       target: external_exports3.string().describe("Hook target: 'pkg', '@scope/pkg', '@scope', or '~user'"),
-      endpoint: external_exports3.string().url().describe("HTTPS URL that will receive POST events"),
+      endpoint: httpsEndpoint.describe("HTTPS URL that will receive POST events"),
       secret: external_exports3.string().describe("Secret used to HMAC-sign webhook payloads")
     }),
     handler: async (input) => {
@@ -31347,7 +31354,7 @@ var hookTools = [
     },
     inputSchema: external_exports3.object({
       id: external_exports3.string().describe("Hook ID"),
-      endpoint: external_exports3.string().url().describe("New HTTPS URL"),
+      endpoint: httpsEndpoint.describe("New HTTPS URL"),
       secret: external_exports3.string().describe("New signing secret")
     }),
     handler: async (input) => {
@@ -31673,20 +31680,21 @@ var packageTools = [
       if (!res.ok) return translateError(res, { pkg: input.name, op: "versions" });
       const pkg = res.data;
       const limit = input.limit ?? 50;
-      const allVersions = Object.keys(pkg.versions).map((v) => ({
+      const totalPublished = Object.keys(pkg.versions).length;
+      const dated = Object.keys(pkg.versions).map((v) => ({
         version: v,
         date: pkg.time[v],
         deprecated: pkg.versions[v].deprecated,
         npmUser: pkg.versions[v]._npmUser?.name
-      })).sort((a, b) => new Date(b.date).getTime() - new Date(a.date).getTime());
-      const versions = limit > 0 ? allVersions.slice(0, limit) : allVersions;
+      })).filter((r) => r.date).sort((a, b) => new Date(b.date).getTime() - new Date(a.date).getTime());
+      const versions = limit > 0 ? dated.slice(0, limit) : dated;
       return {
         ok: true,
         status: 200,
         data: {
           name: pkg.name,
           distTags: pkg["dist-tags"],
-          total: allVersions.length,
+          total: totalPublished,
           showing: versions.length,
           versions
         }
@@ -32372,6 +32380,12 @@ var workflowTools = [
             detail: `"${input.name}" exists. Maintainers: ${maintainers.join(", ") || "unknown"}. Authenticate to check your access.`
           });
         }
+      } else {
+        checks.push({
+          check: "Package name availability",
+          status: "warn",
+          detail: `Could not verify whether "${input.name}" is available or whether you have access (registry returned HTTP ${pkgRes.status}). Re-run npm_publish_preflight before publishing.`
+        });
       }
       if (twoFactorAuth && twoFactorAuth !== "disabled" && canPublishHeadless !== true) {
         actions.push({
@@ -32439,6 +32453,7 @@ function parseTeamTarget(target) {
 function highestVersion(versions) {
   const parsed = [];
   for (const v of versions) {
+    if (v.includes("-")) continue;
     const m = v.match(/^(\d+)\.(\d+)\.(\d+)/);
     if (m) parsed.push([Number(m[1]), Number(m[2]), Number(m[3]), v]);
   }
@@ -32640,6 +32655,7 @@ var writeTools = [
           tarballError = "could not re-fetch packument for tarball DELETE rev";
         }
       }
+      const complete = !tarballUrl || tarballDeleted;
       return {
         ok: true,
         status: 200,
@@ -32647,6 +32663,7 @@ var writeTools = [
           package: input.name,
           unpublishedVersion: input.version,
           remainingVersions: Object.keys(packument.versions),
+          complete,
           tarballDeleted,
           ...tarballError ? { tarballWarning: tarballError } : {}
         }
@@ -33303,9 +33320,9 @@ var writeTools = [
 ];
 // src/index.ts
-var version2 = true ? "0.11.1" : (await null).createRequire(import.meta.url)("../package.json").version;
+var version2 = true ? "0.11.3" : (await null).createRequire(import.meta.url)("../package.json").version;
 var subcommand = process.argv[2];
-if (subcommand === "version" || subcommand === "--version") {
+if (subcommand === "version" || subcommand === "--version" || subcommand === "-v" || subcommand === "-V") {
   console.log(version2);
   process.exit(0);
 }

package/package.json CHANGED Viewed

@@ -1,57 +1,57 @@
-{
-  "name": "@yawlabs/npmjs-mcp",
-  "version": "0.11.1",
-  "description": "npm registry MCP server — package intelligence, security audits, and dependency analysis for AI assistants",
-  "license": "MIT",
-  "author": "YawLabs <contact@yaw.sh>",
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/YawLabs/npmjs-mcp.git"
-  },
-  "keywords": [
-    "npm",
-    "npmjs",
-    "registry",
-    "mcp",
-    "model-context-protocol",
-    "ai",
-    "packages",
-    "security",
-    "audit",
-    "dependencies"
-  ],
-  "type": "module",
-  "main": "dist/index.js",
-  "bin": {
-    "npmjs-mcp": "dist/index.js"
-  },
-  "files": [
-    "dist/index.js"
-  ],
-  "scripts": {
-    "build": "tsc && node build.mjs",
-    "dev": "tsc --watch",
-    "start": "node dist/index.js",
-    "test": "npm run build && node --test dist/api.test.js dist/tools/tools.test.js dist/tools/handlers.test.js dist/tools/writes.test.js dist/tools/hooks.test.js",
-    "test:ci": "npm run test",
-    "lint": "biome check src/",
-    "lint:fix": "biome check --write src/",
-    "prepublishOnly": "npm run build"
-  },
-  "dependencies": {},
-  "overrides": {
-    "hono": "^4.12.14",
-    "@hono/node-server": "^1.19.13"
-  },
-  "devDependencies": {
-    "@biomejs/biome": "^2.4.12",
-    "@modelcontextprotocol/sdk": "^1.29.0",
-    "@types/node": "^25.6.0",
-    "esbuild": "^0.28.0",
-    "typescript": "^6.0.3",
-    "zod": "^4.3.6"
-  },
-  "engines": {
-    "node": ">=18"
-  }
-}
+{
+  "name": "@yawlabs/npmjs-mcp",
+  "version": "0.11.3",
+  "description": "npm registry MCP server — package intelligence, security audits, and dependency analysis for AI assistants",
+  "license": "MIT",
+  "author": "YawLabs <contact@yaw.sh>",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/YawLabs/npmjs-mcp.git"
+  },
+  "keywords": [
+    "npm",
+    "npmjs",
+    "registry",
+    "mcp",
+    "model-context-protocol",
+    "ai",
+    "packages",
+    "security",
+    "audit",
+    "dependencies"
+  ],
+  "type": "module",
+  "main": "dist/index.js",
+  "bin": {
+    "npmjs-mcp": "dist/index.js"
+  },
+  "files": [
+    "dist/index.js"
+  ],
+  "scripts": {
+    "build": "tsc && node build.mjs",
+    "dev": "tsc --watch",
+    "start": "node dist/index.js",
+    "test": "npm run build && node --test dist/api.test.js dist/tools/tools.test.js dist/tools/handlers.test.js dist/tools/writes.test.js dist/tools/hooks.test.js",
+    "test:ci": "npm run test",
+    "lint": "biome check src/",
+    "lint:fix": "biome check --write src/",
+    "prepublishOnly": "npm run build"
+  },
+  "dependencies": {},
+  "overrides": {
+    "hono": "^4.12.14",
+    "@hono/node-server": "^1.19.13"
+  },
+  "devDependencies": {
+    "@biomejs/biome": "^2.4.12",
+    "@modelcontextprotocol/sdk": "^1.29.0",
+    "@types/node": "^25.6.0",
+    "esbuild": "^0.28.0",
+    "typescript": "^6.0.3",
+    "zod": "^4.3.6"
+  },
+  "engines": {
+    "node": ">=20"
+  }
+}