npm - @yawlabs/tailscale-mcp - Versions diffs - 0.3.0 → 0.4.0 - Mend

@yawlabs/tailscale-mcp 0.3.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (59) hide show

package/README.md +3 -17
package/dist/index.js +22922 -120
package/package.json +10 -11
package/dist/api.d.ts +0 -35
package/dist/api.js +0 -134
package/dist/api.js.map +0 -1
package/dist/cli.d.ts +0 -5
package/dist/cli.js +0 -43
package/dist/cli.js.map +0 -1
package/dist/index.d.ts +0 -2
package/dist/index.js.map +0 -1
package/dist/tools/acl.d.ts +0 -86
package/dist/tools/acl.js +0 -105
package/dist/tools/acl.js.map +0 -1
package/dist/tools/audit.d.ts +0 -50
package/dist/tools/audit.js +0 -60
package/dist/tools/audit.js.map +0 -1
package/dist/tools/devices.d.ts +0 -290
package/dist/tools/devices.js +0 -254
package/dist/tools/devices.js.map +0 -1
package/dist/tools/dns.d.ts +0 -130
package/dist/tools/dns.js +0 -139
package/dist/tools/dns.js.map +0 -1
package/dist/tools/invites.d.ts +0 -158
package/dist/tools/invites.js +0 -160
package/dist/tools/invites.js.map +0 -1
package/dist/tools/keys.d.ts +0 -94
package/dist/tools/keys.js +0 -92
package/dist/tools/keys.js.map +0 -1
package/dist/tools/log-streaming.d.ts +0 -90
package/dist/tools/log-streaming.js +0 -89
package/dist/tools/log-streaming.js.map +0 -1
package/dist/tools/network-lock.d.ts +0 -14
package/dist/tools/network-lock.js +0 -20
package/dist/tools/network-lock.js.map +0 -1
package/dist/tools/oauth-clients.d.ts +0 -118
package/dist/tools/oauth-clients.js +0 -102
package/dist/tools/oauth-clients.js.map +0 -1
package/dist/tools/posture.d.ts +0 -126
package/dist/tools/posture.js +0 -103
package/dist/tools/posture.js.map +0 -1
package/dist/tools/services.d.ts +0 -124
package/dist/tools/services.js +0 -106
package/dist/tools/services.js.map +0 -1
package/dist/tools/status.d.ts +0 -26
package/dist/tools/status.js +0 -38
package/dist/tools/status.js.map +0 -1
package/dist/tools/tailnet.d.ts +0 -142
package/dist/tools/tailnet.js +0 -111
package/dist/tools/tailnet.js.map +0 -1
package/dist/tools/users.d.ts +0 -118
package/dist/tools/users.js +0 -108
package/dist/tools/users.js.map +0 -1
package/dist/tools/webhooks.d.ts +0 -126
package/dist/tools/webhooks.js +0 -121
package/dist/tools/webhooks.js.map +0 -1
package/dist/tools/workload-identity.d.ts +0 -118
package/dist/tools/workload-identity.js +0 -105
package/dist/tools/workload-identity.js.map +0 -1

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@yawlabs/tailscale-mcp",
-  "version": "0.3.0",
+  "version": "0.4.0",
   "description": "Tailscale MCP server for managing your tailnet from AI assistants",
   "license": "MIT",
   "author": "YawLabs <contact@yaw.sh>",
@@ -22,27 +22,26 @@
     "tailscale-mcp": "dist/index.js"
   },
   "files": [
-    "dist",
-    "!dist/**/*.test.*"
+    "dist/index.js"
   ],
   "scripts": {
-    "build": "tsc",
+    "build": "tsc && node build.mjs",
     "dev": "tsc --watch",
     "start": "node dist/index.js",
-    "test": "node --test dist/**/*.test.js",
-    "test:ci": "npm run build && npm test",
+    "test": "npm run build && node --test dist/**/*.test.js",
+    "test:ci": "npm run test",
     "lint": "biome check src/",
     "lint:fix": "biome check --write src/",
     "prepublishOnly": "npm run build"
   },
-  "dependencies": {
-    "@modelcontextprotocol/sdk": "^1.29.0",
-    "zod": "^3.24.4"
-  },
+  "dependencies": {},
   "devDependencies": {
     "@biomejs/biome": "^1.9.4",
+    "@modelcontextprotocol/sdk": "^1.29.0",
     "@types/node": "^22.15.2",
-    "typescript": "^5.8.3"
+    "esbuild": "^0.28.0",
+    "typescript": "^5.8.3",
+    "zod": "^3.24.4"
   },
   "engines": {
     "node": ">=18"

package/dist/api.d.ts DELETED Viewed

@@ -1,35 +0,0 @@
-/**
- * Tailscale API client with API key and OAuth authentication.
- */
-export declare function getTailnet(): string;
-/** URL-encode a path segment to prevent path traversal. */
-export declare function encPath(segment: string): string;
-export interface ApiResponse<T = unknown> {
-    ok: boolean;
-    status: number;
-    data?: T;
-    error?: string;
-    rawBody?: string;
-    etag?: string;
-}
-export declare function apiRequest<T = unknown>(method: string, path: string, body?: unknown, options?: {
-    rawBody?: string;
-    acceptRaw?: boolean;
-    accept?: string;
-    contentType?: string;
-    ifMatch?: string;
-}): Promise<ApiResponse<T>>;
-export declare function apiGet<T = unknown>(path: string, options?: {
-    acceptRaw?: boolean;
-    accept?: string;
-}): Promise<ApiResponse<T>>;
-export declare function apiPost<T = unknown>(path: string, body?: unknown, options?: {
-    rawBody?: string;
-    acceptRaw?: boolean;
-    accept?: string;
-    contentType?: string;
-    ifMatch?: string;
-}): Promise<ApiResponse<T>>;
-export declare function apiPut<T = unknown>(path: string, body?: unknown): Promise<ApiResponse<T>>;
-export declare function apiPatch<T = unknown>(path: string, body?: unknown): Promise<ApiResponse<T>>;
-export declare function apiDelete<T = unknown>(path: string): Promise<ApiResponse<T>>;

package/dist/api.js DELETED Viewed

@@ -1,134 +0,0 @@
-/**
- * Tailscale API client with API key and OAuth authentication.
- */
-const BASE_URL = "https://api.tailscale.com/api/v2";
-const REQUEST_TIMEOUT_MS = 30_000;
-let oauthToken = null;
-let oauthRefreshPromise = null;
-function getConfig() {
-    const apiKey = process.env.TAILSCALE_API_KEY;
-    const oauthClientId = process.env.TAILSCALE_OAUTH_CLIENT_ID;
-    const oauthClientSecret = process.env.TAILSCALE_OAUTH_CLIENT_SECRET;
-    const tailnet = process.env.TAILSCALE_TAILNET || "-";
-    if (!apiKey && !(oauthClientId && oauthClientSecret)) {
-        throw new Error("No Tailscale credentials configured. " +
-            "Set TAILSCALE_API_KEY, or set both TAILSCALE_OAUTH_CLIENT_ID and TAILSCALE_OAUTH_CLIENT_SECRET.");
-    }
-    if (apiKey && apiKey.trim() === "") {
-        throw new Error("TAILSCALE_API_KEY is set but empty. Provide a valid API key.");
-    }
-    return { apiKey, oauthClientId, oauthClientSecret, tailnet };
-}
-async function getOAuthAccessToken(clientId, clientSecret) {
-    if (oauthToken && Date.now() < oauthToken.expires_at - 60_000) {
-        return oauthToken.access_token;
-    }
-    // Deduplicate concurrent refresh requests
-    if (oauthRefreshPromise) {
-        return oauthRefreshPromise;
-    }
-    oauthRefreshPromise = (async () => {
-        try {
-            const res = await fetch("https://api.tailscale.com/api/v2/oauth/token", {
-                method: "POST",
-                headers: { "Content-Type": "application/x-www-form-urlencoded" },
-                body: new URLSearchParams({
-                    client_id: clientId,
-                    client_secret: clientSecret,
-                    grant_type: "client_credentials",
-                }),
-                signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS),
-            });
-            if (!res.ok) {
-                const body = await res.text();
-                throw new Error(`OAuth token exchange failed (${res.status}): ${body}`);
-            }
-            const data = (await res.json());
-            oauthToken = {
-                access_token: data.access_token,
-                expires_at: Date.now() + data.expires_in * 1000,
-            };
-            return oauthToken.access_token;
-        }
-        finally {
-            oauthRefreshPromise = null;
-        }
-    })();
-    return oauthRefreshPromise;
-}
-async function getAuthHeader() {
-    const config = getConfig();
-    if (config.apiKey) {
-        return `Basic ${Buffer.from(`${config.apiKey}:`).toString("base64")}`;
-    }
-    const token = await getOAuthAccessToken(config.oauthClientId, config.oauthClientSecret);
-    return `Bearer ${token}`;
-}
-export function getTailnet() {
-    return process.env.TAILSCALE_TAILNET || "-";
-}
-/** URL-encode a path segment to prevent path traversal. */
-export function encPath(segment) {
-    return encodeURIComponent(segment);
-}
-export async function apiRequest(method, path, body, options) {
-    const auth = await getAuthHeader();
-    const headers = {
-        Authorization: auth,
-    };
-    if (options?.accept) {
-        headers.Accept = options.accept;
-    }
-    if (options?.ifMatch) {
-        headers["If-Match"] = options.ifMatch;
-    }
-    let fetchBody;
-    if (options?.rawBody !== undefined) {
-        headers["Content-Type"] = options.contentType || "application/json";
-        fetchBody = options.rawBody;
-    }
-    else if (body !== undefined) {
-        headers["Content-Type"] = "application/json";
-        fetchBody = JSON.stringify(body);
-    }
-    const url = path.startsWith("http") ? path : `${BASE_URL}${path}`;
-    const res = await fetch(url, {
-        method,
-        headers,
-        body: fetchBody,
-        signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS),
-    });
-    const etag = res.headers.get("etag") || undefined;
-    if (options?.acceptRaw) {
-        const rawBody = await res.text();
-        if (!res.ok) {
-            return { ok: false, status: res.status, error: rawBody, rawBody, etag };
-        }
-        return { ok: true, status: res.status, rawBody, etag };
-    }
-    if (!res.ok) {
-        const errorBody = await res.text();
-        return { ok: false, status: res.status, error: errorBody, etag };
-    }
-    if (res.status === 204 || res.headers.get("content-length") === "0") {
-        return { ok: true, status: res.status, etag };
-    }
-    const data = (await res.json());
-    return { ok: true, status: res.status, data, etag };
-}
-export async function apiGet(path, options) {
-    return apiRequest("GET", path, undefined, options);
-}
-export async function apiPost(path, body, options) {
-    return apiRequest("POST", path, body, options);
-}
-export async function apiPut(path, body) {
-    return apiRequest("PUT", path, body);
-}
-export async function apiPatch(path, body) {
-    return apiRequest("PATCH", path, body);
-}
-export async function apiDelete(path) {
-    return apiRequest("DELETE", path);
-}
-//# sourceMappingURL=api.js.map

package/dist/api.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"api.js","sourceRoot":"","sources":["../src/api.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,QAAQ,GAAG,kCAAkC,CAAC;AACpD,MAAM,kBAAkB,GAAG,MAAM,CAAC;AAOlC,IAAI,UAAU,GAAsB,IAAI,CAAC;AACzC,IAAI,mBAAmB,GAA2B,IAAI,CAAC;AAEvD,SAAS,SAAS;IAChB,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;IAC7C,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC;IAC5D,MAAM,iBAAiB,GAAG,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC;IACpE,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,GAAG,CAAC;IAErD,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,aAAa,IAAI,iBAAiB,CAAC,EAAE,CAAC;QACrD,MAAM,IAAI,KAAK,CACb,uCAAuC;YACrC,iGAAiG,CACpG,CAAC;IACJ,CAAC;IAED,IAAI,MAAM,IAAI,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;QACnC,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;IAClF,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,iBAAiB,EAAE,OAAO,EAAE,CAAC;AAC/D,CAAC;AAED,KAAK,UAAU,mBAAmB,CAAC,QAAgB,EAAE,YAAoB;IACvE,IAAI,UAAU,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,CAAC,UAAU,GAAG,MAAM,EAAE,CAAC;QAC9D,OAAO,UAAU,CAAC,YAAY,CAAC;IACjC,CAAC;IAED,0CAA0C;IAC1C,IAAI,mBAAmB,EAAE,CAAC;QACxB,OAAO,mBAAmB,CAAC;IAC7B,CAAC;IAED,mBAAmB,GAAG,CAAC,KAAK,IAAI,EAAE;QAChC,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,8CAA8C,EAAE;gBACtE,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;gBAChE,IAAI,EAAE,IAAI,eAAe,CAAC;oBACxB,SAAS,EAAE,QAAQ;oBACnB,aAAa,EAAE,YAAY;oBAC3B,UAAU,EAAE,oBAAoB;iBACjC,CAAC;gBACF,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,kBAAkB,CAAC;aAChD,CAAC,CAAC;YAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;gBAC9B,MAAM,IAAI,KAAK,CAAC,gCAAgC,GAAG,CAAC,MAAM,MAAM,IAAI,EAAE,CAAC,CAAC;YAC1E,CAAC;YAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAiD,CAAC;YAChF,UAAU,GAAG;gBACX,YAAY,EAAE,IAAI,CAAC,YAAY;gBAC/B,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI;aAChD,CAAC;YACF,OAAO,UAAU,CAAC,YAAY,CAAC;QACjC,CAAC;gBAAS,CAAC;YACT,mBAAmB,GAAG,IAAI,CAAC;QAC7B,CAAC;IACH,CAAC,CAAC,EAAE,CAAC;IAEL,OAAO,mBAAmB,CAAC;AAC7B,CAAC;AAED,KAAK,UAAU,aAAa;IAC1B,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAE3B,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QAClB,OAAO,SAAS,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;IACxE,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,mBAAmB,CAAC,MAAM,CAAC,aAAc,EAAE,MAAM,CAAC,iBAAkB,CAAC,CAAC;IAC1F,OAAO,UAAU,KAAK,EAAE,CAAC;AAC3B,CAAC;AAED,MAAM,UAAU,UAAU;IACxB,OAAO,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,GAAG,CAAC;AAC9C,CAAC;AAED,2DAA2D;AAC3D,MAAM,UAAU,OAAO,CAAC,OAAe;IACrC,OAAO,kBAAkB,CAAC,OAAO,CAAC,CAAC;AACrC,CAAC;AAWD,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,MAAc,EACd,IAAY,EACZ,IAAc,EACd,OAA4G;IAE5G,MAAM,IAAI,GAAG,MAAM,aAAa,EAAE,CAAC;IAEnC,MAAM,OAAO,GAA2B;QACtC,aAAa,EAAE,IAAI;KACpB,CAAC;IAEF,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;QACpB,OAAO,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAClC,CAAC;IAED,IAAI,OAAO,EAAE,OAAO,EAAE,CAAC;QACrB,OAAO,CAAC,UAAU,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC;IACxC,CAAC;IAED,IAAI,SAA6B,CAAC;IAElC,IAAI,OAAO,EAAE,OAAO,KAAK,SAAS,EAAE,CAAC;QACnC,OAAO,CAAC,cAAc,CAAC,GAAG,OAAO,CAAC,WAAW,IAAI,kBAAkB,CAAC;QACpE,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC;IAC9B,CAAC;SAAM,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;QAC9B,OAAO,CAAC,cAAc,CAAC,GAAG,kBAAkB,CAAC;QAC7C,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IACnC,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,QAAQ,GAAG,IAAI,EAAE,CAAC;IAElE,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAC3B,MAAM;QACN,OAAO;QACP,IAAI,EAAE,SAAS;QACf,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,kBAAkB,CAAC;KAChD,CAAC,CAAC;IAEH,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,SAAS,CAAC;IAElD,IAAI,OAAO,EAAE,SAAS,EAAE,CAAC;QACvB,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QACjC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC1E,CAAC;QACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IACzD,CAAC;IAED,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,SAAS,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QACnC,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;IACnE,CAAC;IAED,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,KAAK,GAAG,EAAE,CAAC;QACpE,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC;IAChD,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAM,CAAC;IACrC,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AACtD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,MAAM,CAC1B,IAAY,EACZ,OAAkD;IAElD,OAAO,UAAU,CAAI,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;AACxD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,OAAO,CAC3B,IAAY,EACZ,IAAc,EACd,OAA4G;IAE5G,OAAO,UAAU,CAAI,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;AACpD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,MAAM,CAAc,IAAY,EAAE,IAAc;IACpE,OAAO,UAAU,CAAI,KAAK,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;AAC1C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,QAAQ,CAAc,IAAY,EAAE,IAAc;IACtE,OAAO,UAAU,CAAI,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;AAC5C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,SAAS,CAAc,IAAY;IACvD,OAAO,UAAU,CAAI,QAAQ,EAAE,IAAI,CAAC,CAAC;AACvC,CAAC"}

package/dist/cli.d.ts DELETED Viewed

@@ -1,5 +0,0 @@
-/**
- * CLI subcommands for tailscale-mcp.
- * These run instead of the MCP server when a subcommand is passed.
- */
-export declare function deployAcl(filePath: string): Promise<void>;

package/dist/cli.js DELETED Viewed

@@ -1,43 +0,0 @@
-/**
- * CLI subcommands for tailscale-mcp.
- * These run instead of the MCP server when a subcommand is passed.
- */
-import { readFileSync } from "node:fs";
-import { apiGet, apiPost, getTailnet } from "./api.js";
-export async function deployAcl(filePath) {
-    let policy;
-    try {
-        policy = readFileSync(filePath, "utf-8");
-    }
-    catch (err) {
-        console.error(`Failed to read ${filePath}: ${err instanceof Error ? err.message : err}`);
-        process.exit(1);
-    }
-    // Fetch current ETag
-    const getRes = await apiGet(`/tailnet/${getTailnet()}/acl`, { acceptRaw: true, accept: "application/hujson" });
-    if (!getRes.ok || !getRes.etag) {
-        console.error(`Failed to get current ACL: ${getRes.error || "no ETag returned"}`);
-        process.exit(1);
-    }
-    // Validate before deploying
-    const validateRes = await apiPost(`/tailnet/${getTailnet()}/acl/validate`, undefined, {
-        rawBody: policy,
-        contentType: "application/hujson",
-    });
-    if (!validateRes.ok) {
-        console.error(`ACL validation failed: ${validateRes.error}`);
-        process.exit(1);
-    }
-    // Deploy with ETag
-    const deployRes = await apiPost(`/tailnet/${getTailnet()}/acl`, undefined, {
-        rawBody: policy,
-        contentType: "application/hujson",
-        ifMatch: getRes.etag,
-    });
-    if (!deployRes.ok) {
-        console.error(`ACL deploy failed: ${deployRes.error}`);
-        process.exit(1);
-    }
-    console.log("ACL deployed successfully");
-}
-//# sourceMappingURL=cli.js.map

package/dist/cli.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAEvD,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,QAAgB;IAC9C,IAAI,MAAc,CAAC;IACnB,IAAI,CAAC;QACH,MAAM,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAC3C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,kBAAkB,QAAQ,KAAK,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACzF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,qBAAqB;IACrB,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,YAAY,UAAU,EAAE,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,oBAAoB,EAAE,CAAC,CAAC;IAC/G,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QAC/B,OAAO,CAAC,KAAK,CAAC,8BAA8B,MAAM,CAAC,KAAK,IAAI,kBAAkB,EAAE,CAAC,CAAC;QAClF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,4BAA4B;IAC5B,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,YAAY,UAAU,EAAE,eAAe,EAAE,SAAS,EAAE;QACpF,OAAO,EAAE,MAAM;QACf,WAAW,EAAE,oBAAoB;KAClC,CAAC,CAAC;IACH,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,0BAA0B,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC;QAC7D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,mBAAmB;IACnB,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,YAAY,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE;QACzE,OAAO,EAAE,MAAM;QACf,WAAW,EAAE,oBAAoB;QACjC,OAAO,EAAE,MAAM,CAAC,IAAI;KACrB,CAAC,CAAC;IACH,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,sBAAsB,SAAS,CAAC,KAAK,EAAE,CAAC,CAAC;QACvD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;AAC3C,CAAC"}

package/dist/index.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- #!/usr/bin/env node
2	- export {};

package/dist/index.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AACrC,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,qBAAqB,EAAE,MAAM,8BAA8B,CAAC;AAErE,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/C,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC,iBAAiB,CAAwB,CAAC;AAEtE,sDAAsD;AAEtD,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAEnC,IAAI,UAAU,KAAK,YAAY,EAAE,CAAC;IAChC,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACjC,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,CAAC,KAAK,CAAC,oDAAoD,CAAC,CAAC;QACpE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,SAAS,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;QAChC,OAAO,CAAC,KAAK,CAAC,UAAU,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;QACpE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC;KAAM,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,KAAK,WAAW,EAAE,CAAC;IAClE,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;AACvB,CAAC;AAED,uCAAuC;AAEvC,MAAM,QAAQ,GAAG;IACf,GAAG,WAAW;IACd,GAAG,WAAW;IACd,GAAG,QAAQ;IACX,GAAG,QAAQ;IACX,GAAG,QAAQ;IACX,GAAG,SAAS;IACZ,GAAG,YAAY;IACf,GAAG,YAAY;IACf,GAAG,gBAAgB;IACnB,GAAG,YAAY;IACf,GAAG,UAAU;IACb,GAAG,WAAW;IACd,GAAG,YAAY;IACf,GAAG,iBAAiB;IACpB,GAAG,qBAAqB;IACxB,GAAG,gBAAgB;CACpB,CAAC;AAEF,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;IAC3B,IAAI,EAAE,wBAAwB;IAC9B,OAAO;CACR,CAAC,CAAC;AAEH,sCAAsC;AACtC,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;IAC5B,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,WAAW,CAAC,KAAK,EACtB,IAAI,CAAC,WAAW,EAChB,KAAK,EAAE,KAA8B,EAAE,EAAE;QACvC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAO,IAAI,CAAC,OAAgD,CAAC,KAAK,CAAC,CAAC;YACnF,MAAM,QAAQ,GAAG,MAA2E,CAAC;YAE7F,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,OAAO;oBACL,OAAO,EAAE;wBACP;4BACE,IAAI,EAAE,MAAe;4BACrB,IAAI,EAAE,UAAU,QAAQ,CAAC,KAAK,IAAI,eAAe,EAAE;yBACpD;qBACF;oBACD,OAAO,EAAE,IAAI;iBACd,CAAC;YACJ,CAAC;YAED,MAAM,IAAI,GAAG,QAAQ,CAAC,OAAO,IAAI,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;YAC7F,OAAO;gBACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,CAAC;aAC3C,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACjE,OAAO;gBACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,UAAU,OAAO,EAAE,EAAE,CAAC;gBAC/D,OAAO,EAAE,IAAI;aACd,CAAC;QACJ,CAAC;IACH,CAAC,CACF,CAAC;AACJ,CAAC;AAED,yBAAyB;AACzB,MAAM,CAAC,QAAQ,CACb,gBAAgB,EAChB,4BAA4B,EAC5B,EAAE,WAAW,EAAE,4DAA4D,EAAE,QAAQ,EAAE,kBAAkB,EAAE,EAC3G,KAAK,EAAE,GAAG,EAAE,EAAE;IACZ,MAAM,CAAC,UAAU,EAAE,WAAW,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QAClD,MAAM,CAAyB,YAAY,UAAU,EAAE,oBAAoB,CAAC;QAC5E,MAAM,CAA0B,YAAY,UAAU,EAAE,WAAW,CAAC;KACrE,CAAC,CAAC;IACH,MAAM,IAAI,GAAG;QACX,OAAO,EAAE,UAAU,EAAE;QACrB,WAAW,EAAE,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,EAAE,OAAO,EAAE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO;QAC9E,QAAQ,EAAE,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;KACxD,CAAC;IACF,OAAO,EAAE,QAAQ,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,QAAQ,EAAE,kBAAkB,EAAE,CAAC,EAAE,CAAC;AAC9G,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,QAAQ,CACb,iBAAiB,EACjB,6BAA6B,EAC7B,EAAE,WAAW,EAAE,sDAAsD,EAAE,QAAQ,EAAE,kBAAkB,EAAE,EACrG,KAAK,EAAE,GAAG,EAAE,EAAE;IACZ,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,YAAY,UAAU,EAAE,UAAU,CAAC,CAAC;IAC7D,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;IAC/F,OAAO,EAAE,QAAQ,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,kBAAkB,EAAE,CAAC,EAAE,CAAC;AAC/E,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,QAAQ,CACb,aAAa,EACb,yBAAyB,EACzB,EAAE,WAAW,EAAE,qDAAqD,EAAE,QAAQ,EAAE,oBAAoB,EAAE,EACtG,KAAK,EAAE,GAAG,EAAE,EAAE;IACZ,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,YAAY,UAAU,EAAE,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,EAAE,oBAAoB,EAAE,CAAC,CAAC;IAC5G,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,GAAG,CAAC,KAAK,EAAE,CAAC;IAClE,OAAO,EAAE,QAAQ,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,oBAAoB,EAAE,CAAC,EAAE,CAAC;AACjF,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,QAAQ,CACb,aAAa,EACb,yBAAyB,EACzB;IACE,WAAW,EAAE,uFAAuF;IACpG,QAAQ,EAAE,kBAAkB;CAC7B,EACD,KAAK,EAAE,GAAG,EAAE,EAAE;IACZ,MAAM,CAAC,WAAW,EAAE,WAAW,EAAE,QAAQ,EAAE,WAAW,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QAC1E,MAAM,CAAC,YAAY,UAAU,EAAE,kBAAkB,CAAC;QAClD,MAAM,CAAC,YAAY,UAAU,EAAE,kBAAkB,CAAC;QAClD,MAAM,CAAC,YAAY,UAAU,EAAE,gBAAgB,CAAC;QAChD,MAAM,CAAC,YAAY,UAAU,EAAE,kBAAkB,CAAC;KACnD,CAAC,CAAC;IACH,MAAM,IAAI,GAAG;QACX,WAAW,EAAE,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;QAC1D,WAAW,EAAE,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;QAC1D,QAAQ,EAAE,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;QACjD,WAAW,EAAE,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;KAC3D,CAAC;IACF,OAAO,EAAE,QAAQ,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,QAAQ,EAAE,kBAAkB,EAAE,CAAC,EAAE,CAAC;AAC9G,CAAC,CACF,CAAC;AAEF,KAAK,UAAU,IAAI;IACjB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;AAClC,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;IAC7B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/tools/acl.d.ts DELETED Viewed

@@ -1,86 +0,0 @@
-import { z } from "zod";
-export declare const aclTools: readonly [{
-    readonly name: "tailscale_get_acl";
-    readonly description: "Get the current ACL policy for your tailnet. Returns the raw policy text with original formatting preserved, including comments and trailing commas (HuJSON). Also returns an ETag — you must pass it to tailscale_update_acl to safely update the policy.";
-    readonly annotations: {
-        readonly title: "Get ACL policy";
-        readonly readOnlyHint: true;
-        readonly destructiveHint: false;
-        readonly idempotentHint: true;
-        readonly openWorldHint: true;
-    };
-    readonly inputSchema: z.ZodObject<{}, "strip", z.ZodTypeAny, {}, {}>;
-    readonly handler: () => Promise<import("../api.js").ApiResponse<unknown>>;
-}, {
-    readonly name: "tailscale_update_acl";
-    readonly description: "Update the ACL policy for your tailnet. Accepts the full policy as a string to preserve formatting, comments, and trailing commas (HuJSON). You MUST pass the ETag from tailscale_get_acl to prevent overwriting concurrent changes. Always get the current ACL first, make targeted edits to the text, and pass the full modified text back.";
-    readonly annotations: {
-        readonly title: "Update ACL policy";
-        readonly readOnlyHint: false;
-        readonly destructiveHint: false;
-        readonly idempotentHint: true;
-        readonly openWorldHint: true;
-    };
-    readonly inputSchema: z.ZodObject<{
-        policy: z.ZodString;
-        etag: z.ZodString;
-    }, "strip", z.ZodTypeAny, {
-        etag: string;
-        policy: string;
-    }, {
-        etag: string;
-        policy: string;
-    }>;
-    readonly handler: (input: {
-        policy: string;
-        etag: string;
-    }) => Promise<import("../api.js").ApiResponse<unknown>>;
-}, {
-    readonly name: "tailscale_validate_acl";
-    readonly description: "Validate an ACL policy without applying it. Returns any errors found, or confirms the policy is valid.";
-    readonly annotations: {
-        readonly title: "Validate ACL policy";
-        readonly readOnlyHint: true;
-        readonly destructiveHint: false;
-        readonly idempotentHint: true;
-        readonly openWorldHint: true;
-    };
-    readonly inputSchema: z.ZodObject<{
-        policy: z.ZodString;
-    }, "strip", z.ZodTypeAny, {
-        policy: string;
-    }, {
-        policy: string;
-    }>;
-    readonly handler: (input: {
-        policy: string;
-    }) => Promise<import("../api.js").ApiResponse<unknown>>;
-}, {
-    readonly name: "tailscale_preview_acl";
-    readonly description: "Preview the ACL rules that would apply to a specific user or IP address if a proposed policy were applied.";
-    readonly annotations: {
-        readonly title: "Preview ACL rules";
-        readonly readOnlyHint: true;
-        readonly destructiveHint: false;
-        readonly idempotentHint: true;
-        readonly openWorldHint: true;
-    };
-    readonly inputSchema: z.ZodObject<{
-        policy: z.ZodString;
-        type: z.ZodEnum<["user", "ipport"]>;
-        previewFor: z.ZodString;
-    }, "strip", z.ZodTypeAny, {
-        type: "user" | "ipport";
-        policy: string;
-        previewFor: string;
-    }, {
-        type: "user" | "ipport";
-        policy: string;
-        previewFor: string;
-    }>;
-    readonly handler: (input: {
-        policy: string;
-        type: string;
-        previewFor: string;
-    }) => Promise<import("../api.js").ApiResponse<unknown>>;
-}];

package/dist/tools/acl.js DELETED Viewed

@@ -1,105 +0,0 @@
-import { z } from "zod";
-import { apiGet, apiPost, getTailnet } from "../api.js";
-export const aclTools = [
-    {
-        name: "tailscale_get_acl",
-        description: "Get the current ACL policy for your tailnet. Returns the raw policy text with original formatting preserved, including comments and trailing commas (HuJSON). Also returns an ETag — you must pass it to tailscale_update_acl to safely update the policy.",
-        annotations: {
-            title: "Get ACL policy",
-            readOnlyHint: true,
-            destructiveHint: false,
-            idempotentHint: true,
-            openWorldHint: true,
-        },
-        inputSchema: z.object({}),
-        handler: async () => {
-            const res = await apiGet(`/tailnet/${getTailnet()}/acl`, {
-                acceptRaw: true,
-                accept: "application/hujson",
-            });
-            if (res.ok && res.etag) {
-                return {
-                    ...res,
-                    rawBody: `${res.rawBody}\n\n---\nETag: ${res.etag}\nPass this ETag to tailscale_update_acl when updating the policy.`,
-                };
-            }
-            return res;
-        },
-    },
-    {
-        name: "tailscale_update_acl",
-        description: "Update the ACL policy for your tailnet. Accepts the full policy as a string to preserve formatting, comments, and trailing commas (HuJSON). You MUST pass the ETag from tailscale_get_acl to prevent overwriting concurrent changes. Always get the current ACL first, make targeted edits to the text, and pass the full modified text back.",
-        annotations: {
-            title: "Update ACL policy",
-            readOnlyHint: false,
-            destructiveHint: false,
-            idempotentHint: true,
-            openWorldHint: true,
-        },
-        inputSchema: z.object({
-            policy: z
-                .string()
-                .describe("The full ACL policy text. Preserve existing formatting, comments, and structure. Only modify the specific parts that need to change."),
-            etag: z.string().describe("The ETag from tailscale_get_acl. Required to prevent concurrent edit conflicts."),
-        }),
-        handler: async (input) => {
-            return apiPost(`/tailnet/${getTailnet()}/acl`, undefined, {
-                rawBody: input.policy,
-                contentType: "application/hujson",
-                ifMatch: input.etag,
-            });
-        },
-    },
-    {
-        name: "tailscale_validate_acl",
-        description: "Validate an ACL policy without applying it. Returns any errors found, or confirms the policy is valid.",
-        annotations: {
-            title: "Validate ACL policy",
-            readOnlyHint: true,
-            destructiveHint: false,
-            idempotentHint: true,
-            openWorldHint: true,
-        },
-        inputSchema: z.object({
-            policy: z.string().describe("The full ACL policy text to validate"),
-        }),
-        handler: async (input) => {
-            const res = await apiPost(`/tailnet/${getTailnet()}/acl/validate`, undefined, {
-                rawBody: input.policy,
-                contentType: "application/hujson",
-            });
-            if (res.ok && !res.data) {
-                return { ...res, data: { message: "ACL policy is valid." } };
-            }
-            return res;
-        },
-    },
-    {
-        name: "tailscale_preview_acl",
-        description: "Preview the ACL rules that would apply to a specific user or IP address if a proposed policy were applied.",
-        annotations: {
-            title: "Preview ACL rules",
-            readOnlyHint: true,
-            destructiveHint: false,
-            idempotentHint: true,
-            openWorldHint: true,
-        },
-        inputSchema: z.object({
-            policy: z.string().describe("The proposed ACL policy text to preview"),
-            type: z
-                .enum(["user", "ipport"])
-                .describe("Preview type: 'user' to see rules for a user, 'ipport' to see rules for an IP"),
-            previewFor: z
-                .string()
-                .describe("The user email (for type 'user') or IP:port (for type 'ipport') to preview rules for"),
-        }),
-        handler: async (input) => {
-            const params = new URLSearchParams({ type: input.type, previewFor: input.previewFor });
-            return apiPost(`/tailnet/${getTailnet()}/acl/preview?${params}`, undefined, {
-                rawBody: input.policy,
-                contentType: "application/hujson",
-            });
-        },
-    },
-];
-//# sourceMappingURL=acl.js.map

package/dist/tools/acl.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"acl.js","sourceRoot":"","sources":["../../src/tools/acl.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAExD,MAAM,CAAC,MAAM,QAAQ,GAAG;IACtB;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EACT,4PAA4P;QAC9P,WAAW,EAAE;YACX,KAAK,EAAE,gBAAgB;YACvB,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,IAAI;SACpB;QACD,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC;QACzB,OAAO,EAAE,KAAK,IAAI,EAAE;YAClB,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,YAAY,UAAU,EAAE,MAAM,EAAE;gBACvD,SAAS,EAAE,IAAI;gBACf,MAAM,EAAE,oBAAoB;aAC7B,CAAC,CAAC;YACH,IAAI,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;gBACvB,OAAO;oBACL,GAAG,GAAG;oBACN,OAAO,EAAE,GAAG,GAAG,CAAC,OAAO,kBAAkB,GAAG,CAAC,IAAI,oEAAoE;iBACtH,CAAC;YACJ,CAAC;YACD,OAAO,GAAG,CAAC;QACb,CAAC;KACF;IACD;QACE,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EACT,+UAA+U;QACjV,WAAW,EAAE;YACX,KAAK,EAAE,mBAAmB;YAC1B,YAAY,EAAE,KAAK;YACnB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,IAAI;SACpB;QACD,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC;YACpB,MAAM,EAAE,CAAC;iBACN,MAAM,EAAE;iBACR,QAAQ,CACP,sIAAsI,CACvI;YACH,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,iFAAiF,CAAC;SAC7G,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,KAAuC,EAAE,EAAE;YACzD,OAAO,OAAO,CAAC,YAAY,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE;gBACxD,OAAO,EAAE,KAAK,CAAC,MAAM;gBACrB,WAAW,EAAE,oBAAoB;gBACjC,OAAO,EAAE,KAAK,CAAC,IAAI;aACpB,CAAC,CAAC;QACL,CAAC;KACF;IACD;QACE,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EACT,wGAAwG;QAC1G,WAAW,EAAE;YACX,KAAK,EAAE,qBAAqB;YAC5B,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,IAAI;SACpB;QACD,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC;YACpB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,sCAAsC,CAAC;SACpE,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,KAAyB,EAAE,EAAE;YAC3C,MAAM,GAAG,GAAG,MAAM,OAAO,CAAC,YAAY,UAAU,EAAE,eAAe,EAAE,SAAS,EAAE;gBAC5E,OAAO,EAAE,KAAK,CAAC,MAAM;gBACrB,WAAW,EAAE,oBAAoB;aAClC,CAAC,CAAC;YACH,IAAI,GAAG,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBACxB,OAAO,EAAE,GAAG,GAAG,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,sBAAsB,EAAE,EAAE,CAAC;YAC/D,CAAC;YACD,OAAO,GAAG,CAAC;QACb,CAAC;KACF;IACD;QACE,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EACT,4GAA4G;QAC9G,WAAW,EAAE;YACX,KAAK,EAAE,mBAAmB;YAC1B,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,IAAI;SACpB;QACD,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC;YACpB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,yCAAyC,CAAC;YACtE,IAAI,EAAE,CAAC;iBACJ,IAAI,CAAC,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;iBACxB,QAAQ,CAAC,+EAA+E,CAAC;YAC5F,UAAU,EAAE,CAAC;iBACV,MAAM,EAAE;iBACR,QAAQ,CAAC,sFAAsF,CAAC;SACpG,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,KAA2D,EAAE,EAAE;YAC7E,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,UAAU,EAAE,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC;YACvF,OAAO,OAAO,CAAC,YAAY,UAAU,EAAE,gBAAgB,MAAM,EAAE,EAAE,SAAS,EAAE;gBAC1E,OAAO,EAAE,KAAK,CAAC,MAAM;gBACrB,WAAW,EAAE,oBAAoB;aAClC,CAAC,CAAC;QACL,CAAC;KACF;CACO,CAAC"}

package/dist/tools/audit.d.ts DELETED Viewed

@@ -1,50 +0,0 @@
-import { z } from "zod";
-export declare const auditTools: readonly [{
-    readonly name: "tailscale_get_audit_log";
-    readonly description: "Get the tailnet audit/configuration log. Shows who changed what and when — useful for troubleshooting and compliance.";
-    readonly annotations: {
-        readonly title: "Get audit log";
-        readonly readOnlyHint: true;
-        readonly destructiveHint: false;
-        readonly idempotentHint: true;
-        readonly openWorldHint: true;
-    };
-    readonly inputSchema: z.ZodObject<{
-        start: z.ZodString;
-        end: z.ZodOptional<z.ZodString>;
-    }, "strip", z.ZodTypeAny, {
-        start: string;
-        end?: string | undefined;
-    }, {
-        start: string;
-        end?: string | undefined;
-    }>;
-    readonly handler: (input: {
-        start: string;
-        end?: string;
-    }) => Promise<import("../api.js").ApiResponse<unknown>>;
-}, {
-    readonly name: "tailscale_get_network_flow_logs";
-    readonly description: "Get network traffic flow logs showing connections between devices. Shows source/destination nodes, timestamps, and traffic metadata — useful for security monitoring and debugging connectivity.";
-    readonly annotations: {
-        readonly title: "Get network flow logs";
-        readonly readOnlyHint: true;
-        readonly destructiveHint: false;
-        readonly idempotentHint: true;
-        readonly openWorldHint: true;
-    };
-    readonly inputSchema: z.ZodObject<{
-        start: z.ZodString;
-        end: z.ZodOptional<z.ZodString>;
-    }, "strip", z.ZodTypeAny, {
-        start: string;
-        end?: string | undefined;
-    }, {
-        start: string;
-        end?: string | undefined;
-    }>;
-    readonly handler: (input: {
-        start: string;
-        end?: string;
-    }) => Promise<import("../api.js").ApiResponse<unknown>>;
-}];

package/dist/tools/audit.js DELETED Viewed

@@ -1,60 +0,0 @@
-import { z } from "zod";
-import { apiGet, getTailnet } from "../api.js";
-/** Validate that a string is a valid RFC3339 date-time. */
-function assertRFC3339(value, label) {
-    const d = new Date(value);
-    if (Number.isNaN(d.getTime())) {
-        throw new Error(`${label} must be a valid RFC3339 date-time (e.g. '2026-04-01T00:00:00Z'), got: '${value}'`);
-    }
-}
-export const auditTools = [
-    {
-        name: "tailscale_get_audit_log",
-        description: "Get the tailnet audit/configuration log. Shows who changed what and when — useful for troubleshooting and compliance.",
-        annotations: {
-            title: "Get audit log",
-            readOnlyHint: true,
-            destructiveHint: false,
-            idempotentHint: true,
-            openWorldHint: true,
-        },
-        inputSchema: z.object({
-            start: z.string().describe("Start time in RFC3339 format (e.g. '2026-04-01T00:00:00Z'). Required."),
-            end: z.string().optional().describe("End time in RFC3339 format. Defaults to now."),
-        }),
-        handler: async (input) => {
-            assertRFC3339(input.start, "start");
-            if (input.end)
-                assertRFC3339(input.end, "end");
-            const params = new URLSearchParams({ start: input.start });
-            if (input.end)
-                params.set("end", input.end);
-            return apiGet(`/tailnet/${getTailnet()}/logging/configuration?${params}`);
-        },
-    },
-    {
-        name: "tailscale_get_network_flow_logs",
-        description: "Get network traffic flow logs showing connections between devices. Shows source/destination nodes, timestamps, and traffic metadata — useful for security monitoring and debugging connectivity.",
-        annotations: {
-            title: "Get network flow logs",
-            readOnlyHint: true,
-            destructiveHint: false,
-            idempotentHint: true,
-            openWorldHint: true,
-        },
-        inputSchema: z.object({
-            start: z.string().describe("Start time in RFC3339 format (e.g. '2026-04-01T00:00:00Z'). Required."),
-            end: z.string().optional().describe("End time in RFC3339 format. Defaults to now."),
-        }),
-        handler: async (input) => {
-            assertRFC3339(input.start, "start");
-            if (input.end)
-                assertRFC3339(input.end, "end");
-            const params = new URLSearchParams({ start: input.start });
-            if (input.end)
-                params.set("end", input.end);
-            return apiGet(`/tailnet/${getTailnet()}/logging/network?${params}`);
-        },
-    },
-];
-//# sourceMappingURL=audit.js.map

package/dist/tools/audit.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"audit.js","sourceRoot":"","sources":["../../src/tools/audit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAE/C,2DAA2D;AAC3D,SAAS,aAAa,CAAC,KAAa,EAAE,KAAa;IACjD,MAAM,CAAC,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC;IAC1B,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,2EAA2E,KAAK,GAAG,CAAC,CAAC;IAC/G,CAAC;AACH,CAAC;AAED,MAAM,CAAC,MAAM,UAAU,GAAG;IACxB;QACE,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EACT,uHAAuH;QACzH,WAAW,EAAE;YACX,KAAK,EAAE,eAAe;YACtB,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,IAAI;SACpB;QACD,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC;YACpB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,uEAAuE,CAAC;YACnG,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,8CAA8C,CAAC;SACpF,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,KAAsC,EAAE,EAAE;YACxD,aAAa,CAAC,KAAK,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;YACpC,IAAI,KAAK,CAAC,GAAG;gBAAE,aAAa,CAAC,KAAK,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YAC/C,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;YAC3D,IAAI,KAAK,CAAC,GAAG;gBAAE,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;YAC5C,OAAO,MAAM,CAAC,YAAY,UAAU,EAAE,0BAA0B,MAAM,EAAE,CAAC,CAAC;QAC5E,CAAC;KACF;IACD;QACE,IAAI,EAAE,iCAAiC;QACvC,WAAW,EACT,kMAAkM;QACpM,WAAW,EAAE;YACX,KAAK,EAAE,uBAAuB;YAC9B,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,KAAK;YACtB,cAAc,EAAE,IAAI;YACpB,aAAa,EAAE,IAAI;SACpB;QACD,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC;YACpB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,uEAAuE,CAAC;YACnG,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,8CAA8C,CAAC;SACpF,CAAC;QACF,OAAO,EAAE,KAAK,EAAE,KAAsC,EAAE,EAAE;YACxD,aAAa,CAAC,KAAK,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;YACpC,IAAI,KAAK,CAAC,GAAG;gBAAE,aAAa,CAAC,KAAK,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YAC/C,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;YAC3D,IAAI,KAAK,CAAC,GAAG;gBAAE,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;YAC5C,OAAO,MAAM,CAAC,YAAY,UAAU,EAAE,oBAAoB,MAAM,EAAE,CAAC,CAAC;QACtE,CAAC;KACF;CACO,CAAC"}