@yawlabs/npmjs-mcp 0.8.0 → 0.10.0

package/README.md

@@ -1,29 +1,42 @@
 # @yawlabs/npmjs-mcp
 
-MCP server for the [npm](https://www.npmjs.com) registry. Package intelligence, security audits, dependency analysis, and org management from any MCP-compatible AI assistant.
+[![npm version](https://img.shields.io/npm/v/@yawlabs/npmjs-mcp)](https://www.npmjs.com/package/@yawlabs/npmjs-mcp)
+[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
+[![GitHub stars](https://img.shields.io/github/stars/YawLabs/npmjs-mcp)](https://github.com/YawLabs/npmjs-mcp/stargazers)
+[![CI](https://github.com/YawLabs/npmjs-mcp/actions/workflows/ci.yml/badge.svg)](https://github.com/YawLabs/npmjs-mcp/actions/workflows/ci.yml) [![Release](https://github.com/YawLabs/npmjs-mcp/actions/workflows/release.yml/badge.svg)](https://github.com/YawLabs/npmjs-mcp/actions/workflows/release.yml)
 
-## Quick start
+**Run npm registry operations from Claude Code, Cursor, and any MCP client.** 63 tools covering the full registry surface: package intelligence, security audits, dependency analysis, org/team management, and the write ops that normally fight you locally (`npm deprecate`, `npm dist-tag`, `npm owner`, `npm unpublish`).
 
-```bash
-npx @yawlabs/npmjs-mcp
-```
+Built and maintained by [Yaw Labs](https://yaw.sh).
 
-## Setup
+[![Add to mcp.hosting](https://mcp.hosting/install-button.svg)](https://mcp.hosting/install?name=npm&command=npx&args=-y%2C%40yawlabs%2Fnpmjs-mcp&env=NPM_TOKEN&description=npm%20registry%20-%20package%20intel%2C%20security%2C%20dependency%20analysis%2C%20write%20ops&source=https%3A%2F%2Fgithub.com%2FYawLabs%2Fnpmjs-mcp)
 
-No API key is required for read-only tools (search, packages, downloads, security, analysis). For authenticated tools (auth, access, orgs, hooks), set your npm token:
+One click adds this to your [mcp.hosting](https://mcp.hosting) account so it syncs to every MCP client you use. Or install manually below.
 
-```bash
-export NPM_TOKEN="your-token"
-```
+## Why this one?
+
+Other npm MCP servers wrap `npm search` and call it done. This one doesn't.
 
-### Claude Code
+- **Full registry HTTP surface** — 63 tools across reads, writes, orgs, teams, hooks, provenance, trusted publishers, and ops health. Not just `npm view`.
+- **Write ops that actually work in agents** — `npm_deprecate`, `npm_dist_tag_set`, `npm_owner_add`, `npm_unpublish_version` go directly to the HTTP API with your token. No 2FA prompts, no `--otp` hunts, no `ENEEDAUTH` from a session-bound `.npmrc`.
+- **Agent-aware failure surfacing** — write tools detect non-interactive context and return specific human-runnable commands (`npm login --auth-type=web`) instead of looping on unrecoverable errors.
+- **Safety by default** — `npm_unpublish_*` requires `confirm: true`. `npm_owner_remove` blocks you from locking yourself out. `npm_deprecate` validates the message format (em-dash, no trailing period) that npmjs.com's API actually accepts.
+- **Ops playbook built in** — `npm_ops_playbook` returns the canonical tool-vs-CLI-vs-CI decision matrix so your agent picks the right path on the first try.
+- **Tool annotations** — every tool declares `readOnlyHint`, `destructiveHint`, `idempotentHint`, and `openWorldHint`, so MCP clients can skip confirmation on safe ops.
+- **No API key required for reads** — search, packages, downloads, security, dep tree, licenses all work anonymously. Auth is opt-in via `NPM_TOKEN`.
+- **Instant startup** — ships as a single bundled file with zero runtime dependencies. No 5-minute `node_modules` install.
+- **Input hardening** — package names, scopes, versions, dist-tags, and team names are all regex-validated against npm's actual constraints. Defends against CRLF and path-traversal in URL construction.
+
+## Quick start
 
-Add to your MCP config:
+**1. Create `.mcp.json` in your project root**
+
+macOS / Linux / WSL:
 
 ```json
 {
   "mcpServers": {
-    "npmjs": {
+    "npm": {
       "command": "npx",
       "args": ["-y", "@yawlabs/npmjs-mcp"]
     }
@@ -31,153 +44,254 @@ Add to your MCP config:
 }
 ```
 
-With authentication:
+Windows:
 
 ```json
 {
   "mcpServers": {
-    "npmjs": {
-      "command": "npx",
-      "args": ["-y", "@yawlabs/npmjs-mcp"],
-      "env": {
-        "NPM_TOKEN": "your-token"
-      }
+    "npm": {
+      "command": "cmd",
+      "args": ["/c", "npx", "-y", "@yawlabs/npmjs-mcp"]
     }
   }
 }
 ```
 
-### Claude Desktop
+> **Why the extra step on Windows?** Since Node 20, `child_process.spawn` cannot directly execute `.cmd` files (that's what `npx` is on Windows). Wrapping with `cmd /c` is the standard workaround.
+
+**2. Restart and approve**
+
+Restart Claude Code (or your MCP client) and approve the npm MCP server when prompted.
 
-Add to `claude_desktop_config.json`:
+**3. (Optional) Add your npm token for write operations**
+
+Read-only tools work without any setup. For write tools (`deprecate`, `dist-tag`, `owner`, `team_*`, `org_member_*`, `unpublish`, `hook_*`, `access_set*`, `token_revoke`), add `NPM_TOKEN` to the `env` block:
 
 ```json
 {
   "mcpServers": {
-    "npmjs": {
+    "npm": {
       "command": "npx",
       "args": ["-y", "@yawlabs/npmjs-mcp"],
       "env": {
-        "NPM_TOKEN": "your-token"
+        "NPM_TOKEN": "npm_xxxxxxxxxxxx"
       }
     }
   }
 }
 ```
 
+Use a [Granular Access Token](https://docs.npmjs.com/creating-and-viewing-access-tokens#creating-granular-access-tokens) scoped to just the packages and orgs you want your agent to manage.
+
+That's it. Now ask your AI assistant:
+
+> "Deprecate my-old-pkg 1.x with a pointer to v2"
+>
+> "What's the dep tree for fastify look like three levels deep?"
+>
+> "Audit express for known CVEs and tell me the fix"
+>
+> "Who are the maintainers of next.js and when did each one last publish?"
+
+## Configuration
+
+| Environment variable | Default | Description |
+|---|---|---|
+| `NPM_TOKEN` | (none) | npm access token. Required only for write/auth/org/access/hooks tools. A Granular Access Token is strongly preferred over a Classic Automation token. |
+| `NPM_REGISTRY` | `https://registry.npmjs.org` | Alternate registry (enterprise/private). Must support the npm HTTP API shape. |
+
+**Alternate MCP clients:**
+
+| Client | Config file |
+|---|---|
+| Claude Code | `.mcp.json` (project root) or `~/.claude.json` (global) |
+| Claude Desktop | `~/Library/Application Support/Claude/claude_desktop_config.json` (macOS) |
+| Cursor | `~/.cursor/mcp.json` |
+| Windsurf | `~/.codeium/windsurf/mcp_config.json` |
+| VS Code | `.vscode/mcp.json` |
+
+Use the same JSON block shown above in any of these.
+
 ## Tools (63)
 
-### Search
-- `npm_search` — Search the npm registry with qualifiers (keywords, author, scope)
-
-### Packages
-- `npm_package` — Get package metadata (description, dist-tags, maintainers, license)
-- `npm_version` — Get detailed metadata for a specific version
-- `npm_versions` — List all published versions with dates
-- `npm_readme` — Get README content
-- `npm_dist_tags` — Get dist-tags (latest, next, beta, etc)
-- `npm_types` — Check TypeScript type support (built-in types or @types/*)
-
-### Dependencies
-- `npm_dependencies` — Get dependency lists (prod, dev, peer, optional)
-- `npm_dep_tree` — Resolve transitive dependency tree (configurable depth)
-- `npm_license_check` — Check licenses of a package and its direct deps
-
-### Downloads
-- `npm_downloads` — Get total download count for a period
-- `npm_downloads_range` — Get daily download breakdown
-- `npm_downloads_bulk` — Compare downloads for up to 128 packages
-- `npm_version_downloads` — Per-version download counts
-
-### Security
-- `npm_audit` — Check packages for known vulnerabilities
-- `npm_audit_deep` — Full audit with CVSS scores, CWEs, fix recommendations
-- `npm_signing_keys` — Get registry ECDSA signing keys
-
-### Analysis
-- `npm_compare` — Compare 2-5 packages side-by-side
-- `npm_health` — Assess maintenance, downloads, security, deprecation status
-- `npm_maintainers` — Get maintainers and their publish history
-- `npm_release_frequency` — Analyze release cadence and gaps
-
-### Registry
-- `npm_registry_stats` — Total npm-wide download counts
-- `npm_recent_changes` — Recent package publishes from the CouchDB changes feed
-- `npm_ops_playbook` — Canonical recipes for npm operations (call this FIRST when unsure which tool to use)
-
-### Provenance
-- `npm_provenance` — Get Sigstore provenance attestations (SLSA, publish)
-
-### Trusted Publishers (requires NPM_TOKEN)
-- `npm_trusted_publishers` — List OIDC trust relationships with CI/CD providers
-
-### Auth (requires NPM_TOKEN)
-- `npm_whoami` — Check authenticated user
-- `npm_profile` — Get profile, email, 2FA status
-- `npm_tokens` — List access tokens
-- `npm_verify_token` — One-call capability check (call this FIRST when debugging write failures)
-- `npm_user_packages` — List packages published by a user
-
-### Access (requires NPM_TOKEN)
-- `npm_collaborators` — List package collaborators and permissions
-- `npm_package_access` — Get package access settings
-
-### Organizations (requires NPM_TOKEN)
-- `npm_org_members` — List org members and roles
-- `npm_org_packages` — List org packages
-- `npm_org_teams` — List org teams
-- `npm_team_packages` — List team package permissions
-
-### Workflows
-- `npm_check_auth` — Auth health check with headless publish feasibility
-- `npm_publish_preflight` — Pre-publish validation checklist
-
-### Write Operations (requires NPM_TOKEN with write scope)
-
-These bypass the CLI/2FA friction that causes `npm deprecate` and similar commands to 422 locally. All use the HTTP API with your `NPM_TOKEN`.
-
-- `npm_deprecate` — Deprecate a package or specific versions (validates message format)
-- `npm_undeprecate` — Clear deprecation
-- `npm_unpublish_version` — Unpublish a specific version (requires `confirm: true`)
-- `npm_unpublish_package` — Unpublish an entire package (requires `confirm: true`)
-- `npm_dist_tag_set` — Point a dist-tag at a version
-- `npm_dist_tag_remove` — Remove a dist-tag (except `latest`)
-- `npm_owner_add` — Add a maintainer (resolves user via `/-/user/`)
-- `npm_owner_remove` — Remove a maintainer (prevents lockout)
-- `npm_access_set` — Set public/private/restricted access
-- `npm_access_set_mfa` — Configure 2FA requirement for publish (none/publish/automation)
-- `npm_team_grant` / `npm_team_revoke` — Grant/revoke team permissions on a package
-- `npm_team_create` / `npm_team_delete` — Create/delete a team in an org
-- `npm_team_member_add` / `npm_team_member_remove` — Manage team members
-- `npm_org_member_set` / `npm_org_member_remove` — Add/remove org members, set roles
-- `npm_token_revoke` — Revoke an access token by key (creation requires a password and isn't exposed)
-
-### Webhooks (requires NPM_TOKEN)
-- `npm_hook_add` — Register a webhook on a package, scope, or user
-- `npm_hook_list` — List webhooks (optional package filter)
-- `npm_hook_get` — Fetch a single webhook
-- `npm_hook_update` — Update endpoint/secret of a webhook
-- `npm_hook_remove` — Delete a webhook
-
-### Operation Decision Matrix
+### Search (1)
+- **npm_search** — Search the npm registry with qualifiers (keywords, author, scope).
+
+### Packages (6)
+- **npm_package** — Metadata: description, dist-tags, maintainers, license, repository.
+- **npm_version** — Detailed metadata for a specific version.
+- **npm_versions** — All published versions with dates.
+- **npm_readme** — README content.
+- **npm_dist_tags** — Dist-tags (latest, next, beta, etc).
+- **npm_types** — TypeScript type support (built-in types or `@types/*`).
+
+### Dependencies (3)
+- **npm_dependencies** — Dependency lists (prod, dev, peer, optional).
+- **npm_dep_tree** — Transitive dependency tree (configurable depth).
+- **npm_license_check** — License audit of a package and its direct deps.
+
+### Downloads (4)
+- **npm_downloads** — Total download count for a period.
+- **npm_downloads_range** — Daily download breakdown.
+- **npm_downloads_bulk** — Compare downloads for up to 128 packages.
+- **npm_version_downloads** — Per-version download counts.
+
+### Security (3)
+- **npm_audit** — Check packages for known vulnerabilities.
+- **npm_audit_deep** — Full audit with CVSS scores, CWEs, fix recommendations.
+- **npm_signing_keys** — Registry ECDSA signing keys.
+
+### Analysis (4)
+- **npm_compare** — Compare 2–5 packages side-by-side.
+- **npm_health** — Maintenance, downloads, security, deprecation summary.
+- **npm_maintainers** — Maintainers and publish history.
+- **npm_release_frequency** — Release cadence and gaps.
+
+### Registry (3)
+- **npm_registry_stats** — Total npm-wide download counts.
+- **npm_recent_changes** — Recent publishes from the CouchDB changes feed.
+- **npm_ops_playbook** — Canonical recipes for npm operations. **Call this first** when unsure which tool to use.
+
+### Provenance & trust (2)
+- **npm_provenance** — Sigstore attestations (SLSA, publish).
+- **npm_trusted_publishers** — OIDC trust relationships with CI/CD providers.
+
+### Auth (5, requires NPM_TOKEN)
+- **npm_whoami** — Authenticated user.
+- **npm_profile** — Profile, email, 2FA status.
+- **npm_tokens** — List access tokens.
+- **npm_verify_token** — One-call capability check. **Call this first** when debugging write failures.
+- **npm_user_packages** — Packages published by a user.
+
+### Access & orgs (6, requires NPM_TOKEN)
+- **npm_collaborators** — Package collaborators and permissions.
+- **npm_package_access** — Package access settings.
+- **npm_org_members** — Org members and roles.
+- **npm_org_packages** — Org packages.
+- **npm_org_teams** — Org teams.
+- **npm_team_packages** — Team package permissions.
+
+### Workflows (2)
+- **npm_check_auth** — Auth health check with headless publish feasibility.
+- **npm_publish_preflight** — Pre-publish validation checklist.
+
+### Write operations (19, requires NPM_TOKEN with write scope)
+
+These bypass the CLI/2FA friction that makes `npm deprecate` and friends fail locally. All use the HTTP API with your `NPM_TOKEN`.
+
+- **npm_deprecate** — Deprecate a package or specific versions (validates message format).
+- **npm_undeprecate** — Clear deprecation.
+- **npm_unpublish_version** — Unpublish a version. Requires `confirm: true`.
+- **npm_unpublish_package** — Unpublish an entire package. Requires `confirm: true`.
+- **npm_dist_tag_set** — Point a dist-tag at a version.
+- **npm_dist_tag_remove** — Remove a dist-tag (refuses `latest`).
+- **npm_owner_add** — Add a maintainer (resolves user via `/-/user/`).
+- **npm_owner_remove** — Remove a maintainer (prevents self-lockout).
+- **npm_access_set** — Set public/private/restricted access.
+- **npm_access_set_mfa** — Configure 2FA requirement (none/publish/automation).
+- **npm_team_grant** / **npm_team_revoke** — Grant/revoke team permissions on a package.
+- **npm_team_create** / **npm_team_delete** — Create/delete a team in an org.
+- **npm_team_member_add** / **npm_team_member_remove** — Manage team members.
+- **npm_org_member_set** / **npm_org_member_remove** — Manage org membership and roles.
+- **npm_token_revoke** — Revoke an access token by key.
+
+### Webhooks (5, requires NPM_TOKEN)
+- **npm_hook_add** — Register a webhook on a package, scope, or user.
+- **npm_hook_list** — List webhooks (optional package filter).
+- **npm_hook_get** — Fetch a single webhook.
+- **npm_hook_update** — Update endpoint/secret.
+- **npm_hook_remove** — Delete a webhook.
+
+## Operation decision matrix
 
 | Operation | Preferred path | Why |
 |---|---|---|
-| Read (search/view/stats) | These MCP tools, no auth required | Fast, zero friction |
-| Deprecate / dist-tag / owner | `npm_deprecate`, `npm_dist_tag_*`, `npm_owner_*` | HTTP API, no CLI auth issues |
+| Read (search/view/stats) | These MCP tools, no auth | Fast, zero friction |
+| Deprecate / dist-tag / owner / team / hook | `npm_deprecate`, `npm_dist_tag_*`, etc. | HTTP API, no CLI 2FA friction |
 | Publish | CI tag-push workflow | Version discipline, provenance, org token |
 | Unpublish | `npm_unpublish_version` (with `confirm: true`) | Safer than CLI; irreversible within 72h |
-| CLI fallback (only if MCP returns 422) | `npm login --auth-type=web` then `npm <op>` | End-user interactive path |
+| CLI fallback (rare) | `npm login --auth-type=web` then `npm <op>` | Only if MCP returns 422 |
+
+Call `npm_ops_playbook` at the start of any session to get the up-to-date matrix.
+
+## Examples
+
+### Audit a dependency
+
+```
+> "What vulnerabilities does lodash 4.17.20 have and what's the fix?"
+→ npm_audit_deep({ name: "lodash", version: "4.17.20" })
+```
+
+### Deprecate a package
+
+```
+> "Deprecate @myorg/legacy-sdk with a pointer to @myorg/sdk"
+→ npm_deprecate({ name: "@myorg/legacy-sdk", message: "Renamed to @myorg/sdk — install that instead" })
+```
+
+### Compare package health
+
+```
+> "Compare fastify vs express vs koa for maintenance health"
+→ npm_compare({ names: ["fastify", "express", "koa"] })
+→ npm_health({ name: "fastify" }) // ...etc
+```
+
+### Rotate a dist-tag
+
+```
+> "Point @myorg/pkg@latest at 3.2.1"
+→ npm_dist_tag_set({ name: "@myorg/pkg", tag: "latest", version: "3.2.1" })
+```
+
+### Debug a write failure
+
+```
+> "My deprecate keeps returning 422 — what's wrong?"
+→ npm_verify_token()  // Confirms token scope, packages, 2FA state
+→ npm_ops_playbook()  // Returns the canonical retry sequence
+```
+
+## Troubleshooting
+
+**"Error: NPM_TOKEN is required"**
+
+- The tool you called needs auth. Add `NPM_TOKEN` to the `env` block of your MCP config and restart the client.
+- Prefer a [Granular Access Token](https://docs.npmjs.com/creating-and-viewing-access-tokens#creating-granular-access-tokens) scoped to just the packages and orgs you want touched.
+
+**"HTTP 401 Unauthorized" or "HTTP 403 Forbidden"**
+
+- Your token lacks scope on the target package. Call `npm_verify_token` — it reports which packages and orgs the token can actually write.
+- If the package requires 2FA for writes, your token must be an automation token or come from an OIDC trusted publisher. A user token will 403.
+
+**"HTTP 422 Unprocessable" on deprecate**
 
-Call `npm_ops_playbook` at the start of any session for the up-to-date matrix.
+- Common cause: message format. Use an em-dash and no trailing period: `"Renamed to @x/y — install that instead"`, not `"Renamed to @x/y. Install that instead."`
+- Another: specifying a `versions` range that doesn't match any published version. Call `npm_versions` to confirm.
 
-## Features
+**Windows: MCP server doesn't start**
+
+- Use the `cmd /c npx ...` pattern from the Quick start section. Node 20+ can't spawn `.cmd` files directly.
+
+## Requirements
+
+- Node.js 18+
+- (Optional) npm access token for write operations
+
+## Contributing
+
+```bash
+git clone https://github.com/YawLabs/npmjs-mcp.git
+cd npmjs-mcp
+npm install
+npm run lint       # Biome check
+npm run lint:fix   # Auto-fix
+npm run build      # tsc + esbuild bundle
+npm test           # node --test
+```
 
-- **63 tools** covering search, packages, deps, downloads, security, analysis, auth, orgs, access, provenance, trust, publish workflows, write operations, and registry webhooks
-- **No API key required** for read-only tools — authenticated tools opt-in via NPM_TOKEN
-- **Zero runtime dependencies** — Single bundled file for instant `npx` startup
-- **Agent-aware publish tools** — Detects non-interactive context, provides human hand-off actions instead of unworkable retries
-- **MCP annotations** — Every tool declares read-only, destructive, and idempotent hints
+See [CONTRIBUTING.md](CONTRIBUTING.md) for the full workflow, including release process.
 
 ## License
 

package/dist/index.js

@@ -21011,12 +21011,39 @@ var StdioServerTransport = class {
 };
 
 // src/api.ts
-var REGISTRY_URL = "https://registry.npmjs.org";
+var DEFAULT_REGISTRY_URL = "https://registry.npmjs.org";
 var DOWNLOADS_URL = "https://api.npmjs.org";
 var REPLICATE_URL = "https://replicate.npmjs.com";
-var REQUEST_TIMEOUT_MS = 3e4;
+var DEFAULT_TIMEOUT_MS = 3e4;
+var DEFAULT_BACKOFF_MS = 500;
+var MAX_RETRIES = 2;
+var RETRYABLE_STATUSES = /* @__PURE__ */ new Set([429, 502, 503, 504]);
+function getRegistryUrl() {
+  return (process.env.NPM_REGISTRY || DEFAULT_REGISTRY_URL).replace(/\/+$/, "");
+}
+function getTimeoutMs() {
+  const raw = process.env.NPM_REQUEST_TIMEOUT_MS;
+  if (!raw) return DEFAULT_TIMEOUT_MS;
+  const parsed = Number(raw);
+  return Number.isFinite(parsed) && parsed > 0 ? parsed : DEFAULT_TIMEOUT_MS;
+}
+function getBackoffMs(attempt) {
+  const raw = process.env.NPM_RETRY_BACKOFF_MS;
+  const parsed = raw !== void 0 ? Number(raw) : Number.NaN;
+  const base = Number.isFinite(parsed) && parsed >= 0 ? parsed : DEFAULT_BACKOFF_MS;
+  return base * 2 ** attempt;
+}
+function debugEnabled() {
+  const v = process.env.DEBUG;
+  return v === "npmjs-mcp" || v === "*";
+}
+function debug(msg) {
+  if (debugEnabled()) console.error(`[npmjs-mcp] ${msg}`);
+}
 var PACKAGE_NAME_MAX_LENGTH = 214;
 var PACKAGE_NAME_PATTERN = /^(?:@[a-zA-Z0-9][a-zA-Z0-9\-_.]*\/)?[a-zA-Z0-9][a-zA-Z0-9\-_.]*$/;
+var IDENT_MAX_LENGTH = 214;
+var IDENT_PATTERN = /^[a-zA-Z0-9][a-zA-Z0-9\-_.]*$/;
 function validatePackageName(name) {
   if (typeof name !== "string" || name.length === 0) return "Package name is empty";
   if (name.length > PACKAGE_NAME_MAX_LENGTH) {
@@ -21027,11 +21054,43 @@ function validatePackageName(name) {
   }
   return null;
 }
+function validateIdent(value, label) {
+  if (typeof value !== "string" || value.length === 0) return `${label} is empty`;
+  if (value.length > IDENT_MAX_LENGTH) return `${label} exceeds ${IDENT_MAX_LENGTH} characters`;
+  if (!IDENT_PATTERN.test(value)) {
+    return `Invalid ${label.toLowerCase()} '${value}'. Must start alphanumeric and contain only [a-zA-Z0-9-_.].`;
+  }
+  return null;
+}
+function validateScope(scope) {
+  return validateIdent(scope.replace(/^@/, ""), "Scope");
+}
+function validateUsername(username) {
+  return validateIdent(username.replace(/^@/, ""), "Username");
+}
+function validateTeam(team) {
+  return validateIdent(team, "Team name");
+}
 function encPkg(name) {
   const err = validatePackageName(name);
   if (err) throw new Error(err);
   return name.startsWith("@") ? `@${encodeURIComponent(name.slice(1))}` : encodeURIComponent(name);
 }
+function encScope(scope) {
+  const err = validateScope(scope);
+  if (err) throw new Error(err);
+  return encodeURIComponent(scope.replace(/^@/, ""));
+}
+function encUser(username) {
+  const err = validateUsername(username);
+  if (err) throw new Error(err);
+  return encodeURIComponent(username.replace(/^@/, ""));
+}
+function encTeam(team) {
+  const err = validateTeam(team);
+  if (err) throw new Error(err);
+  return encodeURIComponent(team);
+}
 function isAuthenticated() {
   return !!process.env.NPM_TOKEN;
 }
@@ -21047,6 +21106,17 @@ function authHeaders() {
   const token = process.env.NPM_TOKEN;
   return token ? { Authorization: `Bearer ${token}` } : {};
 }
+function parseRetryAfter(header) {
+  if (!header) return null;
+  const seconds = Number(header);
+  if (Number.isFinite(seconds) && seconds >= 0) return seconds * 1e3;
+  const date3 = Date.parse(header);
+  if (!Number.isNaN(date3)) return Math.max(0, date3 - Date.now());
+  return null;
+}
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
 async function request(baseUrl, path, options) {
   const method = options?.method ?? "GET";
   const headers = {
@@ -21059,49 +21129,75 @@ async function request(baseUrl, path, options) {
     fetchBody = JSON.stringify(options.body);
   }
   const url = `${baseUrl}${path}`;
-  try {
-    const res = await fetch(url, {
-      method,
-      headers,
-      body: fetchBody,
-      signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS)
-    });
-    if (!res.ok) {
-      const errorBody = await res.text();
-      return { ok: false, status: res.status, error: errorBody };
-    }
-    if (res.status === 204 || res.headers.get("content-length") === "0") {
-      return { ok: true, status: res.status };
+  for (let attempt = 0; attempt <= MAX_RETRIES; attempt++) {
+    const started = Date.now();
+    try {
+      const res = await fetch(url, {
+        method,
+        headers,
+        body: fetchBody,
+        signal: AbortSignal.timeout(getTimeoutMs())
+      });
+      if (RETRYABLE_STATUSES.has(res.status) && attempt < MAX_RETRIES) {
+        const retryAfter = parseRetryAfter(res.headers.get("Retry-After"));
+        const waitMs = retryAfter ?? getBackoffMs(attempt);
+        debug(`${method} ${url} -> ${res.status} retry in ${waitMs}ms (attempt ${attempt + 1}/${MAX_RETRIES + 1})`);
+        try {
+          await res.text();
+        } catch {
+        }
+        await sleep(waitMs);
+        continue;
+      }
+      const elapsed = Date.now() - started;
+      if (!res.ok) {
+        const errorBody = await res.text();
+        debug(`${method} ${url} -> ${res.status} ${elapsed}ms`);
+        return { ok: false, status: res.status, error: errorBody };
+      }
+      if (res.status === 204 || res.headers.get("content-length") === "0") {
+        debug(`${method} ${url} -> ${res.status} ${elapsed}ms`);
+        return { ok: true, status: res.status };
+      }
+      const data = await res.json();
+      debug(`${method} ${url} -> ${res.status} ${elapsed}ms`);
+      return { ok: true, status: res.status, data };
+    } catch (err) {
+      const message = err instanceof Error ? err.message : String(err);
+      if (attempt < MAX_RETRIES) {
+        const waitMs = getBackoffMs(attempt);
+        debug(`${method} ${url} -> network error retry in ${waitMs}ms (${message})`);
+        await sleep(waitMs);
+        continue;
+      }
+      debug(`${method} ${url} -> network error: ${message}`);
+      return { ok: false, status: 0, error: message };
     }
-    const data = await res.json();
-    return { ok: true, status: res.status, data };
-  } catch (err) {
-    const message = err instanceof Error ? err.message : String(err);
-    return { ok: false, status: 0, error: message };
   }
+  return { ok: false, status: 0, error: "unreachable" };
 }
 function registryGet(path) {
-  return request(REGISTRY_URL, path);
+  return request(getRegistryUrl(), path);
 }
 function registryGetAbbreviated(path) {
-  return request(REGISTRY_URL, path, {
+  return request(getRegistryUrl(), path, {
     headers: { Accept: "application/vnd.npm.install-v1+json" }
   });
 }
 function registryPost(path, body) {
-  return request(REGISTRY_URL, path, { method: "POST", body });
+  return request(getRegistryUrl(), path, { method: "POST", body });
 }
 function registryGetAuth(path) {
-  return request(REGISTRY_URL, path, { headers: authHeaders() });
+  return request(getRegistryUrl(), path, { headers: authHeaders() });
 }
 function registryPostAuth(path, body) {
-  return request(REGISTRY_URL, path, { method: "POST", body, headers: authHeaders() });
+  return request(getRegistryUrl(), path, { method: "POST", body, headers: authHeaders() });
 }
 function registryPutAuth(path, body) {
-  return request(REGISTRY_URL, path, { method: "PUT", body, headers: authHeaders() });
+  return request(getRegistryUrl(), path, { method: "PUT", body, headers: authHeaders() });
 }
 function registryDeleteAuth(path, body) {
-  return request(REGISTRY_URL, path, { method: "DELETE", body, headers: authHeaders() });
+  return request(getRegistryUrl(), path, { method: "DELETE", body, headers: authHeaders() });
 }
 function downloadsGet(path) {
   return request(DOWNLOADS_URL, path);
@@ -21269,12 +21365,12 @@ function translateError(res, context) {
     case 422:
       return {
         ...res,
-        error: `Registry rejected the request payload${pkgPart}${opPart} (422 Unprocessable Entity). Most common causes: (1) invalid semver range \u2014 validate with npm_package versions first; (2) deprecation message format \u2014 em-dash form works, period-capital form sometimes 422s; (3) account-level 2FA policy requires interactive CLI session. If #3, CLI fallback: \`npm login --auth-type=web\` followed by the npm CLI command. Raw: ${res.error}`
+        error: `Registry rejected the request payload${pkgPart}${opPart} (422 Unprocessable Entity). Most common causes: (1) semver range matches no published versions \u2014 validate with npm_versions first; (2) deprecation message exceeds 1024 characters; (3) account-level 2FA policy requires an interactive CLI session. If #3, CLI fallback: \`npm login --auth-type=web\` followed by the equivalent npm CLI command. Raw: ${res.error}`
       };
     case 429:
       return {
         ...res,
-        error: `Rate limited${opPart}. Wait 60 seconds and retry. Raw: ${res.error}`
+        error: `Rate limited${opPart}. Retried automatically and still failed \u2014 wait longer and retry, or contact npm support if this persists. Raw: ${res.error}`
       };
     case 0:
       return {
@@ -21289,10 +21385,6 @@ function validateDeprecationMessage(msg) {
   if (msg.length > 1024) {
     return "Deprecation message exceeds 1024 characters (registry limit).";
   }
-  if (msg.length === 0) return null;
-  if (/\.\s+[A-Z]/.test(msg)) {
-    return `Deprecation message contains the "period + space + capital letter" pattern that has triggered 422 Unprocessable Entity on at least one scoped package. The working form uses em-dash and lowercase continuation: e.g. "Renamed to @yawlabs/spend \u2014 install that instead". Pass force: true to bypass this validation.`;
-  }
   return null;
 }
 function versionsMatchingRange(versions, range, maxSatisfying2) {
@@ -22030,10 +22122,24 @@ function classifyHookTarget(target) {
   if (/^@[^/]+$/.test(target)) return { type: "scope", name: target };
   return { type: "package", name: target };
 }
+function stripSecrets(data) {
+  if (Array.isArray(data)) {
+    return data.map((item) => stripSecrets(item));
+  }
+  if (data !== null && typeof data === "object") {
+    const out = {};
+    for (const [k, v] of Object.entries(data)) {
+      if (k === "secret") continue;
+      out[k] = stripSecrets(v);
+    }
+    return out;
+  }
+  return data;
+}
 var hookTools = [
   {
     name: "npm_hook_add",
-    description: "Create a registry webhook. Target is 'pkg' or '@scope/pkg' for a package, '@scope' for a scope, or '~user' for a user's packages. Endpoint is the HTTPS URL to POST events to; secret is used to HMAC-sign payloads.",
+    description: "Create a registry webhook. Target is 'pkg' or '@scope/pkg' for a package, '@scope' for a scope, or '~user' for a user's packages. Endpoint is the HTTPS URL to POST events to; secret is used to HMAC-sign payloads. The secret is never echoed back in tool responses.",
     annotations: {
       title: "Add webhook",
       readOnlyHint: false,
@@ -22057,12 +22163,12 @@ var hookTools = [
         secret: input.secret
       });
       if (!res.ok) return translateError(res, { op: `hook_add ${input.target}` });
-      return { ok: true, status: 200, data: res.data };
+      return { ok: true, status: 200, data: stripSecrets(res.data) };
     }
   },
   {
     name: "npm_hook_list",
-    description: "List webhooks. Optionally filter by package name.",
+    description: "List webhooks. Optionally filter by package name. Secrets are redacted from responses.",
     annotations: {
       title: "List webhooks",
       readOnlyHint: true,
@@ -22085,12 +22191,12 @@ var hookTools = [
       const q = qs.toString();
       const res = await registryGetAuth(`/-/npm/v1/hooks${q ? `?${q}` : ""}`);
       if (!res.ok) return translateError(res, { op: "hook_list" });
-      return { ok: true, status: 200, data: res.data };
+      return { ok: true, status: 200, data: stripSecrets(res.data) };
     }
   },
   {
     name: "npm_hook_get",
-    description: "Get a single webhook by its ID.",
+    description: "Get a single webhook by its ID. The stored secret is redacted from the response.",
     annotations: {
       title: "Get webhook",
       readOnlyHint: true,
@@ -22106,12 +22212,12 @@ var hookTools = [
       if (authErr) return authErr;
       const res = await registryGetAuth(`/-/npm/v1/hooks/hook/${encodeURIComponent(input.id)}`);
       if (!res.ok) return translateError(res, { op: `hook_get ${input.id}` });
-      return { ok: true, status: 200, data: res.data };
+      return { ok: true, status: 200, data: stripSecrets(res.data) };
     }
   },
   {
     name: "npm_hook_update",
-    description: "Update a webhook's endpoint and/or secret.",
+    description: "Update a webhook's endpoint and/or secret. The returned hook object has the secret redacted.",
     annotations: {
       title: "Update webhook",
       readOnlyHint: false,
@@ -22132,7 +22238,7 @@ var hookTools = [
         secret: input.secret
       });
       if (!res.ok) return translateError(res, { op: `hook_update ${input.id}` });
-      return { ok: true, status: 200, data: res.data };
+      return { ok: true, status: 200, data: stripSecrets(res.data) };
     }
   },
   {
@@ -23151,7 +23257,16 @@ async function fetchPackument(pkg) {
 }
 function parseTeamTarget(target) {
   const m = target.match(/^@?([^:]+):(.+)$/);
-  return m ? { scope: m[1], team: m[2] } : null;
+  if (!m) {
+    return { error: `Team must be in the form '@scope:team' (got '${target}').` };
+  }
+  const scope = m[1];
+  const team = m[2];
+  const scopeErr = validateScope(scope);
+  if (scopeErr) return { error: scopeErr };
+  const teamErr = validateTeam(team);
+  if (teamErr) return { error: teamErr };
+  return { scope, team };
 }
 function highestVersion(versions) {
   const parsed = [];
@@ -23169,7 +23284,7 @@ var writeTools = [
   // ───────────────────────────────────────────────────────
   {
     name: "npm_deprecate",
-    description: "Deprecate a package or specific versions. Shows a warning message on install. Uses the HTTP API with NPM_TOKEN, bypassing the CLI auth friction that causes 422 errors on accounts with 2FA. Message format tip: the period-then-capital pattern ('... install that instead. Thanks.') has 422'd on at least one scoped package; em-dash form is the known-good workaround. Pass force: true to skip the preflight check if you want the exact message as-is.",
+    description: "Deprecate a package or specific versions. Shows a warning message on install. Uses the HTTP API with NPM_TOKEN, bypassing the CLI auth friction that causes 422 errors on accounts with 2FA. Registry hard limit: deprecation messages must be <= 1024 characters. If the registry 422s, first verify the semver range matches at least one published version (npm_versions) \u2014 range/version mismatches are the most common cause, not message format.",
     annotations: {
       title: "Deprecate package",
       readOnlyHint: false,
@@ -23178,18 +23293,15 @@ var writeTools = [
       openWorldHint: true
     },
     inputSchema: external_exports.object({
-      name: external_exports.string().describe("Package name (e.g. '@yawlabs/tokenmeter-mcp')"),
+      name: external_exports.string().describe("Package name (e.g. '@yawlabs/spend')"),
       message: external_exports.string().describe("Deprecation message. Empty string to clear deprecation (use npm_undeprecate instead)."),
-      versionRange: external_exports.string().optional().describe("Semver range. Omit to deprecate ALL versions. Example: '<1.0.0' or '0.3.x'."),
-      force: external_exports.boolean().optional().describe("Bypass message format validation (default: false).")
+      versionRange: external_exports.string().optional().describe("Semver range. Omit to deprecate ALL versions. Example: '<1.0.0' or '0.3.x'.")
     }),
     handler: async (input) => {
       const authErr = requireAuth();
       if (authErr) return authErr;
-      if (!input.force) {
-        const problem = validateDeprecationMessage(input.message);
-        if (problem) return { ok: false, status: 400, error: problem };
-      }
+      const problem = validateDeprecationMessage(input.message);
+      if (problem) return { ok: false, status: 400, error: problem };
       const pRes = await fetchPackument(input.name);
       if (!pRes.ok) return translateError(pRes, { pkg: input.name, op: "deprecate (fetch)" });
       const packument = pRes.data;
@@ -23518,8 +23630,10 @@ var writeTools = [
     handler: async (input) => {
       const authErr = requireAuth();
       if (authErr) return authErr;
+      const userErr = validateUsername(input.username);
+      if (userErr) return { ok: false, status: 400, error: userErr };
       const uRes = await registryGetAuth(
-        `/-/user/org.couchdb.user:${encodeURIComponent(input.username)}`
+        `/-/user/org.couchdb.user:${encUser(input.username)}`
       );
       if (!uRes.ok) return translateError(uRes, { pkg: input.name, op: `owner_add (resolve user ${input.username})` });
       const userRecord = { name: uRes.data.name, email: uRes.data.email ?? "" };
@@ -23584,6 +23698,8 @@ var writeTools = [
     handler: async (input) => {
       const authErr = requireAuth();
       if (authErr) return authErr;
+      const userErr = validateUsername(input.username);
+      if (userErr) return { ok: false, status: 400, error: userErr };
       const pRes = await fetchPackument(input.name);
       if (!pRes.ok) return translateError(pRes, { pkg: input.name, op: "owner_remove (fetch)" });
       const packument = pRes.data;
@@ -23715,15 +23831,11 @@ var writeTools = [
       const authErr = requireAuth();
       if (authErr) return authErr;
       const parsed = parseTeamTarget(input.team);
-      if (!parsed) {
-        return {
-          ok: false,
-          status: 400,
-          error: `Team must be in the form '@scope:team' (got '${input.team}').`
-        };
+      if ("error" in parsed) {
+        return { ok: false, status: 400, error: parsed.error };
       }
       const { scope, team } = parsed;
-      const res = await registryPutAuth(`/-/team/${encodeURIComponent(scope)}/${encodeURIComponent(team)}/package`, {
+      const res = await registryPutAuth(`/-/team/${encScope(scope)}/${encTeam(team)}/package`, {
         package: input.package,
         permissions: input.permissions
       });
@@ -23756,15 +23868,11 @@ var writeTools = [
       const authErr = requireAuth();
       if (authErr) return authErr;
       const parsed = parseTeamTarget(input.team);
-      if (!parsed) {
-        return {
-          ok: false,
-          status: 400,
-          error: `Team must be in the form '@scope:team' (got '${input.team}').`
-        };
+      if ("error" in parsed) {
+        return { ok: false, status: 400, error: parsed.error };
       }
       const { scope, team } = parsed;
-      const res = await registryDeleteAuth(`/-/team/${encodeURIComponent(scope)}/${encodeURIComponent(team)}/package`, {
+      const res = await registryDeleteAuth(`/-/team/${encScope(scope)}/${encTeam(team)}/package`, {
         package: input.package
       });
       if (!res.ok) return translateError(res, { pkg: input.package, op: `team_revoke ${input.team}` });
@@ -23796,11 +23904,11 @@ var writeTools = [
       const authErr = requireAuth();
       if (authErr) return authErr;
       const parsed = parseTeamTarget(input.team);
-      if (!parsed) {
-        return { ok: false, status: 400, error: `Team must be in the form '@scope:team' (got '${input.team}').` };
+      if ("error" in parsed) {
+        return { ok: false, status: 400, error: parsed.error };
       }
       const { scope, team } = parsed;
-      const res = await registryPutAuth(`/-/org/${encodeURIComponent(scope)}/team`, {
+      const res = await registryPutAuth(`/-/org/${encScope(scope)}/team`, {
         name: team,
         description: input.description
       });
@@ -23813,7 +23921,7 @@ var writeTools = [
   // ───────────────────────────────────────────────────────
   {
     name: "npm_team_delete",
-    description: "Delete a team. Team is passed as '@scope:team'. Revokes all package permissions that team held.",
+    description: "Delete a team. Team is passed as '@scope:team'. Revokes all package permissions that team held. Requires confirm: true \u2014 this removes the team and all its package grants in one call.",
     annotations: {
       title: "Delete team",
       readOnlyHint: false,
@@ -23822,17 +23930,25 @@ var writeTools = [
       openWorldHint: true
     },
     inputSchema: external_exports.object({
-      team: external_exports.string().describe("Team in the form '@scope:team'")
+      team: external_exports.string().describe("Team in the form '@scope:team'"),
+      confirm: external_exports.literal(true).describe("Must be literally true. Guards against accidental team deletion.")
     }),
     handler: async (input) => {
       const authErr = requireAuth();
       if (authErr) return authErr;
+      if (input.confirm !== true) {
+        return {
+          ok: false,
+          status: 400,
+          error: "team_delete requires confirm: true. This removes the team and all its package grants."
+        };
+      }
       const parsed = parseTeamTarget(input.team);
-      if (!parsed) {
-        return { ok: false, status: 400, error: `Team must be in the form '@scope:team' (got '${input.team}').` };
+      if ("error" in parsed) {
+        return { ok: false, status: 400, error: parsed.error };
       }
       const { scope, team } = parsed;
-      const res = await registryDeleteAuth(`/-/team/${encodeURIComponent(scope)}/${encodeURIComponent(team)}`);
+      const res = await registryDeleteAuth(`/-/team/${encScope(scope)}/${encTeam(team)}`);
       if (!res.ok) return translateError(res, { op: `team_delete ${input.team}` });
       return { ok: true, status: 200, data: { team: `@${scope}:${team}`, deleted: true } };
     }
@@ -23857,12 +23973,14 @@ var writeTools = [
     handler: async (input) => {
       const authErr = requireAuth();
       if (authErr) return authErr;
+      const userErr = validateUsername(input.user);
+      if (userErr) return { ok: false, status: 400, error: userErr };
       const parsed = parseTeamTarget(input.team);
-      if (!parsed) {
-        return { ok: false, status: 400, error: `Team must be in the form '@scope:team' (got '${input.team}').` };
+      if ("error" in parsed) {
+        return { ok: false, status: 400, error: parsed.error };
       }
       const { scope, team } = parsed;
-      const res = await registryPutAuth(`/-/team/${encodeURIComponent(scope)}/${encodeURIComponent(team)}/user`, {
+      const res = await registryPutAuth(`/-/team/${encScope(scope)}/${encTeam(team)}/user`, {
         user: input.user
       });
       if (!res.ok) return translateError(res, { op: `team_member_add ${input.team}` });
@@ -23889,12 +24007,14 @@ var writeTools = [
     handler: async (input) => {
       const authErr = requireAuth();
       if (authErr) return authErr;
+      const userErr = validateUsername(input.user);
+      if (userErr) return { ok: false, status: 400, error: userErr };
       const parsed = parseTeamTarget(input.team);
-      if (!parsed) {
-        return { ok: false, status: 400, error: `Team must be in the form '@scope:team' (got '${input.team}').` };
+      if ("error" in parsed) {
+        return { ok: false, status: 400, error: parsed.error };
       }
       const { scope, team } = parsed;
-      const res = await registryDeleteAuth(`/-/team/${encodeURIComponent(scope)}/${encodeURIComponent(team)}/user`, {
+      const res = await registryDeleteAuth(`/-/team/${encScope(scope)}/${encTeam(team)}/user`, {
         user: input.user
       });
       if (!res.ok) return translateError(res, { op: `team_member_remove ${input.team}` });
@@ -23922,11 +24042,15 @@ var writeTools = [
     handler: async (input) => {
       const authErr = requireAuth();
       if (authErr) return authErr;
+      const orgErr = validateScope(input.org);
+      if (orgErr) return { ok: false, status: 400, error: orgErr };
+      const userErr = validateUsername(input.user);
+      if (userErr) return { ok: false, status: 400, error: userErr };
       const org = input.org.replace(/^@/, "");
       const user = input.user.replace(/^@/, "");
       const body = { user };
       if (input.role) body.role = input.role;
-      const res = await registryPutAuth(`/-/org/${encodeURIComponent(org)}/user`, body);
+      const res = await registryPutAuth(`/-/org/${encScope(org)}/user`, body);
       if (!res.ok) return translateError(res, { op: `org_member_set ${org}/${user}` });
       return { ok: true, status: 200, data: { org, user, role: input.role } };
     }
@@ -23936,7 +24060,7 @@ var writeTools = [
   // ───────────────────────────────────────────────────────
   {
     name: "npm_org_member_remove",
-    description: "Remove a user from an org. Their team memberships in that org are also removed.",
+    description: "Remove a user from an org. Their team memberships in that org are also removed. Requires confirm: true \u2014 team memberships cascade and cannot be selectively preserved.",
     annotations: {
       title: "Remove org member",
       readOnlyHint: false,
@@ -23946,14 +24070,26 @@ var writeTools = [
     },
     inputSchema: external_exports.object({
       org: external_exports.string().describe("Organization name"),
-      user: external_exports.string().describe("npm username")
+      user: external_exports.string().describe("npm username"),
+      confirm: external_exports.literal(true).describe("Must be literally true. Guards against accidental member removal.")
     }),
     handler: async (input) => {
       const authErr = requireAuth();
       if (authErr) return authErr;
+      if (input.confirm !== true) {
+        return {
+          ok: false,
+          status: 400,
+          error: "org_member_remove requires confirm: true. Team memberships in the org are also removed."
+        };
+      }
+      const orgErr = validateScope(input.org);
+      if (orgErr) return { ok: false, status: 400, error: orgErr };
+      const userErr = validateUsername(input.user);
+      if (userErr) return { ok: false, status: 400, error: userErr };
       const org = input.org.replace(/^@/, "");
       const user = input.user.replace(/^@/, "");
-      const res = await registryDeleteAuth(`/-/org/${encodeURIComponent(org)}/user`, { user });
+      const res = await registryDeleteAuth(`/-/org/${encScope(org)}/user`, { user });
       if (!res.ok) return translateError(res, { op: `org_member_remove ${org}/${user}` });
       return { ok: true, status: 200, data: { org, removedUser: user } };
     }
@@ -23965,7 +24101,7 @@ var writeTools = [
   // performed via NPM_TOKEN alone — we intentionally don't expose npm_token_create.
   {
     name: "npm_token_revoke",
-    description: "Revoke an access token by its key (UUID from npm_tokens). Creating tokens is NOT exposed because the endpoint requires the user password \u2014 create via https://www.npmjs.com/settings/~/tokens instead.",
+    description: "Revoke an access token by its key (UUID from npm_tokens). Requires confirm: true. Revoking the token currently in use by NPM_TOKEN will break the next call. Creating tokens is NOT exposed because the endpoint requires the user password \u2014 create via https://www.npmjs.com/settings/~/tokens instead.",
     annotations: {
       title: "Revoke access token",
       readOnlyHint: false,
@@ -23974,11 +24110,19 @@ var writeTools = [
       openWorldHint: true
     },
     inputSchema: external_exports.object({
-      tokenKey: external_exports.string().describe("Token key (UUID shown by npm_tokens)")
+      tokenKey: external_exports.string().describe("Token key (UUID shown by npm_tokens)"),
+      confirm: external_exports.literal(true).describe("Must be literally true. Guards against revoking the token you're authenticating with.")
     }),
     handler: async (input) => {
       const authErr = requireAuth();
       if (authErr) return authErr;
+      if (input.confirm !== true) {
+        return {
+          ok: false,
+          status: 400,
+          error: "token_revoke requires confirm: true. Revoking the token in NPM_TOKEN will break the next call."
+        };
+      }
       const res = await registryDeleteAuth(`/-/npm/v1/tokens/token/${encodeURIComponent(input.tokenKey)}`);
       if (!res.ok) return translateError(res, { op: "token_revoke" });
       return { ok: true, status: 200, data: { tokenKey: input.tokenKey, revoked: true } };
@@ -23987,7 +24131,7 @@ var writeTools = [
 ];
 
 // src/index.ts
-var version2 = true ? "0.8.0" : (await null).createRequire(import.meta.url)("../package.json").version;
+var version2 = true ? "0.10.0" : (await null).createRequire(import.meta.url)("../package.json").version;
 var subcommand = process.argv[2];
 if (subcommand === "version" || subcommand === "--version") {
   console.log(version2);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@yawlabs/npmjs-mcp",
-  "version": "0.8.0",
+  "version": "0.10.0",
   "description": "npm registry MCP server — package intelligence, security audits, and dependency analysis for AI assistants",
   "license": "MIT",
   "author": "YawLabs <contact@yaw.sh>",
@@ -39,6 +39,10 @@
     "prepublishOnly": "npm run build"
   },
   "dependencies": {},
+  "overrides": {
+    "hono": "^4.12.14",
+    "@hono/node-server": "^1.19.13"
+  },
   "devDependencies": {
     "@biomejs/biome": "^1.9.4",
     "@modelcontextprotocol/sdk": "^1.29.0",