@zuplo/cli 6.70.47 → 6.70.49

package/node_modules/@zuplo/runtime/out/types/mcp-gateway/index.d.ts

@@ -1418,6 +1418,72 @@ export declare interface McpTokenExchangeInboundPolicyOptions {
       };
 }
 
+/**
+ * Authenticate MCP gateway requests using a gateway-issued OAuth access token,
+ * with browser login delegated to WorkOS.
+ *
+ * WorkOS-friendly wrapper around `McpOAuthInboundPolicy`. Provide `clientId`
+ * and `clientSecret`; the constructor derives the WorkOS OIDC issuer, JWKS URL,
+ * authorize URL, and token URL automatically and runs the resulting shape
+ * through the same Zod schema as the generic policy.
+ *
+ * @title MCP WorkOS OAuth
+ * @public
+ * @product mcp-gateway
+ */
+export declare class McpWorkosOAuthInboundPolicy extends InboundPolicy<McpWorkosOAuthInboundPolicyOptions> {
+  #private;
+  constructor(rawOptions: unknown, policyName: string);
+  handler(
+    request: ZuploRequest,
+    context: ZuploContext
+  ): Promise<ZuploRequest | Response>;
+}
+
+/**
+ * The options for this policy.
+ * @public
+ */
+export declare interface McpWorkosOAuthInboundPolicyOptions {
+  /**
+   * The WorkOS client_id registered for the gateway's browser login flow. The OIDC issuer and JWKS URL are derived from this client ID.
+   */
+  clientId: string;
+  /**
+   * The WorkOS client_secret. Use $env(...) to source from a secret environment variable.
+   */
+  clientSecret: string;
+  /**
+   * OIDC scopes requested during browser login.
+   */
+  scope?: string;
+  /**
+   * Gateway-side OAuth token settings. The gateway issuer and advertised URLs are derived from the incoming request origin.
+   */
+  gateway?: {
+    /**
+     * Lifetime of access tokens issued by /oauth/token.
+     */
+    accessTokenTtlSeconds?: number;
+    /**
+     * Lifetime of refresh tokens issued by /oauth/token.
+     */
+    refreshTokenTtlSeconds?: number;
+    /**
+     * Whether to advertise client_id_metadata_document_supported in AS metadata.
+     */
+    cimdEnabled?: boolean;
+  };
+  /**
+   * Optional overrides for the derived browser-login settings.
+   */
+  browserLoginOverrides?: {
+    remoteTimeoutMs?: number;
+    stateTtlSeconds?: number;
+    sessionTtlSeconds?: number;
+  };
+}
+
 /**
  * Arbitrary MCP _meta fields to expose downstream.
  * @public

package/node_modules/@zuplo/runtime/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@zuplo/runtime",
   "type": "module",
-  "version": "6.70.47",
+  "version": "6.70.49",
   "repository": "https://github.com/zuplo/zuplo",
   "author": "Zuplo, Inc.",
   "exports": {

package/node_modules/glob/node_modules/brace-expansion/index.js

@@ -163,7 +163,7 @@ function expand(str, max, isTop) {
 
       N = [];
 
-      for (var i = x; test(i, y); i += incr) {
+      for (var i = x; test(i, y) && N.length < max; i += incr) {
         var c;
         if (isAlphaSequence) {
           c = String.fromCharCode(i);

package/node_modules/glob/node_modules/brace-expansion/package.json

@@ -1,7 +1,7 @@
 {
   "name": "brace-expansion",
   "description": "Brace expansion as known from sh/bash",
-  "version": "2.1.0",
+  "version": "2.1.1",
   "repository": {
     "type": "git",
     "url": "git://github.com/juliangruber/brace-expansion.git"

package/node_modules/hono/dist/cjs/index.js

@@ -17,11 +17,14 @@ var __copyProps = (to, from, except, desc) => {
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var index_exports = {};
 __export(index_exports, {
+  Context: () => import_context.Context,
   Hono: () => import_hono.Hono
 });
 module.exports = __toCommonJS(index_exports);
 var import_hono = require("./hono");
+var import_context = require("./context");
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+  Context,
   Hono
 });

package/node_modules/hono/dist/cjs/middleware/compress/index.js

@@ -17,6 +17,7 @@ var __copyProps = (to, from, except, desc) => {
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var compress_exports = {};
 __export(compress_exports, {
+  COMPRESSIBLE_CONTENT_TYPE_REGEX: () => import_compress.COMPRESSIBLE_CONTENT_TYPE_REGEX,
   compress: () => compress
 });
 module.exports = __toCommonJS(compress_exports);
@@ -45,6 +46,14 @@ const selectEncoding = (header, candidates) => {
 const compress = (options) => {
   const threshold = options?.threshold ?? 1024;
   const candidates = options?.encoding ? [options.encoding] : ENCODING_TYPES;
+  const contentTypeFilter = options?.contentTypeFilter ?? import_compress.COMPRESSIBLE_CONTENT_TYPE_REGEX;
+  const shouldCompress = typeof contentTypeFilter === "function" ? (res) => {
+    const type = res.headers.get("Content-Type");
+    return type && contentTypeFilter(type);
+  } : (res) => {
+    const type = res.headers.get("Content-Type");
+    return type && contentTypeFilter.test(type);
+  };
   return async function compress2(ctx, next) {
     await next();
     const contentLength = ctx.res.headers.get("Content-Length");
@@ -71,15 +80,12 @@ const compress = (options) => {
     }
   };
 };
-const shouldCompress = (res) => {
-  const type = res.headers.get("Content-Type");
-  return type && import_compress.COMPRESSIBLE_CONTENT_TYPE_REGEX.test(type);
-};
 const shouldTransform = (res) => {
   const cacheControl = res.headers.get("Cache-Control");
   return !cacheControl || !cacheControlNoTransformRegExp.test(cacheControl);
 };
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+  COMPRESSIBLE_CONTENT_TYPE_REGEX,
   compress
 });

package/node_modules/hono/dist/cjs/utils/filepath.js

@@ -42,7 +42,7 @@ const getFilePathWithoutDefaultDocument = (options) => {
     return;
   }
   filename = filename.replace(/^\.?[\/\\]/, "");
-  filename = filename.replace(/\\/, "/");
+  filename = filename.replace(/\\/g, "/");
   root = root.replace(/\/$/, "");
   let path = root ? root + "/" + filename : filename;
   path = path.replace(/^\.?\//, "");

package/node_modules/hono/dist/cjs/utils/ipaddr.js

@@ -294,7 +294,7 @@ const convertIPv6BinaryToString = (ipV6) => {
       maxZeroEnd = 8;
     }
   }
-  if (maxZeroStart !== -1) {
+  if (maxZeroStart !== -1 && maxZeroEnd - maxZeroStart > 1) {
     sections.splice(maxZeroStart, maxZeroEnd - maxZeroStart, ":");
   }
   return sections.join(":").replace(/:{2,}/g, "::");

package/node_modules/hono/dist/index.js

@@ -1,5 +1,7 @@
 // src/index.ts
 import { Hono } from "./hono.js";
+import { Context } from "./context.js";
 export {
+  Context,
   Hono
 };

package/node_modules/hono/dist/middleware/compress/index.js

@@ -24,6 +24,14 @@ var selectEncoding = (header, candidates) => {
 var compress = (options) => {
   const threshold = options?.threshold ?? 1024;
   const candidates = options?.encoding ? [options.encoding] : ENCODING_TYPES;
+  const contentTypeFilter = options?.contentTypeFilter ?? COMPRESSIBLE_CONTENT_TYPE_REGEX;
+  const shouldCompress = typeof contentTypeFilter === "function" ? (res) => {
+    const type = res.headers.get("Content-Type");
+    return type && contentTypeFilter(type);
+  } : (res) => {
+    const type = res.headers.get("Content-Type");
+    return type && contentTypeFilter.test(type);
+  };
   return async function compress2(ctx, next) {
     await next();
     const contentLength = ctx.res.headers.get("Content-Length");
@@ -50,14 +58,11 @@ var compress = (options) => {
     }
   };
 };
-var shouldCompress = (res) => {
-  const type = res.headers.get("Content-Type");
-  return type && COMPRESSIBLE_CONTENT_TYPE_REGEX.test(type);
-};
 var shouldTransform = (res) => {
   const cacheControl = res.headers.get("Cache-Control");
   return !cacheControl || !cacheControlNoTransformRegExp.test(cacheControl);
 };
 export {
+  COMPRESSIBLE_CONTENT_TYPE_REGEX,
   compress
 };