autoremediator 0.2.2 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +16 -1
- package/dist/{chunk-DQKT2CUG.js → chunk-GBOD3DV6.js} +739 -159
- package/dist/chunk-GBOD3DV6.js.map +1 -0
- package/dist/cli.d.ts +5 -0
- package/dist/cli.js +55 -17
- package/dist/cli.js.map +1 -1
- package/dist/index.d.ts +77 -11
- package/dist/index.js +3 -1
- package/dist/mcp/server.d.ts +292 -0
- package/dist/mcp/server.js +120 -16
- package/dist/mcp/server.js.map +1 -1
- package/dist/openapi/server.d.ts +445 -1
- package/dist/openapi/server.js +215 -54
- package/dist/openapi/server.js.map +1 -1
- package/package.json +1 -1
- package/dist/chunk-DQKT2CUG.js.map +0 -1
package/dist/mcp/server.js
CHANGED
|
@@ -1,8 +1,9 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
2
|
import {
|
|
3
|
+
planRemediation,
|
|
3
4
|
remediate,
|
|
4
5
|
remediateFromScan
|
|
5
|
-
} from "../chunk-
|
|
6
|
+
} from "../chunk-GBOD3DV6.js";
|
|
6
7
|
|
|
7
8
|
// src/mcp/server.ts
|
|
8
9
|
import { Server } from "@modelcontextprotocol/sdk/server/index.js";
|
|
@@ -11,10 +12,18 @@ import {
|
|
|
11
12
|
CallToolRequestSchema,
|
|
12
13
|
ListToolsRequestSchema
|
|
13
14
|
} from "@modelcontextprotocol/sdk/types.js";
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
15
|
+
import { fileURLToPath } from "url";
|
|
16
|
+
var defaultDeps = {
|
|
17
|
+
remediateFn: remediate,
|
|
18
|
+
planRemediationFn: planRemediation,
|
|
19
|
+
remediateFromScanFn: remediateFromScan
|
|
20
|
+
};
|
|
21
|
+
function createBaseServer() {
|
|
22
|
+
return new Server(
|
|
23
|
+
{ name: "autoremediator", version: "0.1.2" },
|
|
24
|
+
{ capabilities: { tools: {} } }
|
|
25
|
+
);
|
|
26
|
+
}
|
|
18
27
|
var TOOLS = [
|
|
19
28
|
{
|
|
20
29
|
name: "remediate",
|
|
@@ -27,9 +36,56 @@ var TOOLS = [
|
|
|
27
36
|
cwd: { type: "string", description: "Absolute path to the project root (default: process.cwd())" },
|
|
28
37
|
packageManager: { type: "string", enum: ["npm", "pnpm", "yarn"], description: "Package manager override (auto-detected by default)" },
|
|
29
38
|
dryRun: { type: "boolean", description: "If true, plan changes but write nothing (default: false)" },
|
|
30
|
-
|
|
39
|
+
preview: { type: "boolean", description: "If true, enforce non-mutating preview mode" },
|
|
40
|
+
runTests: { type: "boolean", description: "Run package-manager test command after applying fix (default: false)" },
|
|
31
41
|
llmProvider: { type: "string", enum: ["openai", "anthropic", "local"], description: "LLM provider override" },
|
|
32
|
-
patchesDir: { type: "string", description: "Directory to write .patch files (default: ./patches)" }
|
|
42
|
+
patchesDir: { type: "string", description: "Directory to write .patch files (default: ./patches)" },
|
|
43
|
+
policy: { type: "string", description: "Optional path to .autoremediator policy file" },
|
|
44
|
+
requestId: { type: "string", description: "Request correlation ID" },
|
|
45
|
+
sessionId: { type: "string", description: "Session correlation ID" },
|
|
46
|
+
parentRunId: { type: "string", description: "Parent run correlation ID" },
|
|
47
|
+
idempotencyKey: { type: "string", description: "Idempotency key for replay-safe execution" },
|
|
48
|
+
resume: { type: "boolean", description: "Return cached result for matching idempotency key when available" },
|
|
49
|
+
actor: { type: "string", description: "Actor identity for evidence provenance" },
|
|
50
|
+
source: { type: "string", enum: ["cli", "sdk", "mcp", "openapi", "unknown"], description: "Source system for provenance" },
|
|
51
|
+
constraints: {
|
|
52
|
+
type: "object",
|
|
53
|
+
properties: {
|
|
54
|
+
directDependenciesOnly: { type: "boolean" },
|
|
55
|
+
preferVersionBump: { type: "boolean" }
|
|
56
|
+
}
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
}
|
|
60
|
+
},
|
|
61
|
+
{
|
|
62
|
+
name: "planRemediation",
|
|
63
|
+
description: "Generate a non-mutating remediation preview for a single CVE in a Node.js project. Returns a RemediationReport with planned results.",
|
|
64
|
+
inputSchema: {
|
|
65
|
+
type: "object",
|
|
66
|
+
required: ["cveId"],
|
|
67
|
+
properties: {
|
|
68
|
+
cveId: { type: "string", description: "CVE ID, e.g. CVE-2021-23337" },
|
|
69
|
+
cwd: { type: "string", description: "Absolute path to the project root (default: process.cwd())" },
|
|
70
|
+
packageManager: { type: "string", enum: ["npm", "pnpm", "yarn"], description: "Package manager override (auto-detected by default)" },
|
|
71
|
+
runTests: { type: "boolean", description: "Run package-manager test command after applying fix (default: false)" },
|
|
72
|
+
llmProvider: { type: "string", enum: ["openai", "anthropic", "local"], description: "LLM provider override" },
|
|
73
|
+
patchesDir: { type: "string", description: "Directory to write .patch files (default: ./patches)" },
|
|
74
|
+
policy: { type: "string", description: "Optional path to .autoremediator policy file" },
|
|
75
|
+
requestId: { type: "string", description: "Request correlation ID" },
|
|
76
|
+
sessionId: { type: "string", description: "Session correlation ID" },
|
|
77
|
+
parentRunId: { type: "string", description: "Parent run correlation ID" },
|
|
78
|
+
idempotencyKey: { type: "string", description: "Idempotency key for replay-safe execution" },
|
|
79
|
+
resume: { type: "boolean", description: "Return cached result for matching idempotency key when available" },
|
|
80
|
+
actor: { type: "string", description: "Actor identity for evidence provenance" },
|
|
81
|
+
source: { type: "string", enum: ["cli", "sdk", "mcp", "openapi", "unknown"], description: "Source system for provenance" },
|
|
82
|
+
constraints: {
|
|
83
|
+
type: "object",
|
|
84
|
+
properties: {
|
|
85
|
+
directDependenciesOnly: { type: "boolean" },
|
|
86
|
+
preferVersionBump: { type: "boolean" }
|
|
87
|
+
}
|
|
88
|
+
}
|
|
33
89
|
}
|
|
34
90
|
}
|
|
35
91
|
},
|
|
@@ -45,23 +101,47 @@ var TOOLS = [
|
|
|
45
101
|
packageManager: { type: "string", enum: ["npm", "pnpm", "yarn"], description: "Package manager override (auto-detected by default)" },
|
|
46
102
|
format: { type: "string", enum: ["auto", "npm-audit", "yarn-audit", "sarif"], description: "Scanner format (default: auto)" },
|
|
47
103
|
dryRun: { type: "boolean", description: "If true, plan changes but write nothing" },
|
|
48
|
-
|
|
104
|
+
preview: { type: "boolean", description: "If true, enforce non-mutating preview mode" },
|
|
105
|
+
evidence: { type: "boolean", description: "Write evidence JSON to .autoremediator/evidence/ (default: true)" },
|
|
106
|
+
runTests: { type: "boolean", description: "Run package-manager test command after applying fix (default: false)" },
|
|
107
|
+
policy: { type: "string", description: "Optional path to .autoremediator policy file" },
|
|
108
|
+
requestId: { type: "string", description: "Request correlation ID" },
|
|
109
|
+
sessionId: { type: "string", description: "Session correlation ID" },
|
|
110
|
+
parentRunId: { type: "string", description: "Parent run correlation ID" },
|
|
111
|
+
idempotencyKey: { type: "string", description: "Idempotency key for replay-safe execution" },
|
|
112
|
+
resume: { type: "boolean", description: "Return cached result for matching idempotency key when available" },
|
|
113
|
+
actor: { type: "string", description: "Actor identity for evidence provenance" },
|
|
114
|
+
source: { type: "string", enum: ["cli", "sdk", "mcp", "openapi", "unknown"], description: "Source system for provenance" },
|
|
115
|
+
constraints: {
|
|
116
|
+
type: "object",
|
|
117
|
+
properties: {
|
|
118
|
+
directDependenciesOnly: { type: "boolean" },
|
|
119
|
+
preferVersionBump: { type: "boolean" }
|
|
120
|
+
}
|
|
121
|
+
}
|
|
49
122
|
}
|
|
50
123
|
}
|
|
51
124
|
}
|
|
52
125
|
];
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
126
|
+
async function handleToolCall(name, args = {}, deps = defaultDeps) {
|
|
127
|
+
const withMcpSource = (options) => ({
|
|
128
|
+
...options,
|
|
129
|
+
source: typeof options.source === "string" ? options.source : "mcp"
|
|
130
|
+
});
|
|
56
131
|
try {
|
|
57
132
|
if (name === "remediate") {
|
|
58
133
|
const { cveId, ...options } = args;
|
|
59
|
-
const report = await
|
|
134
|
+
const report = await deps.remediateFn(cveId, withMcpSource(options));
|
|
135
|
+
return { content: [{ type: "text", text: JSON.stringify(report, null, 2) }] };
|
|
136
|
+
}
|
|
137
|
+
if (name === "planRemediation") {
|
|
138
|
+
const { cveId, ...options } = args;
|
|
139
|
+
const report = await deps.planRemediationFn(cveId, withMcpSource(options));
|
|
60
140
|
return { content: [{ type: "text", text: JSON.stringify(report, null, 2) }] };
|
|
61
141
|
}
|
|
62
142
|
if (name === "remediateFromScan") {
|
|
63
143
|
const { inputPath, ...options } = args;
|
|
64
|
-
const report = await
|
|
144
|
+
const report = await deps.remediateFromScanFn(inputPath, withMcpSource(options));
|
|
65
145
|
return { content: [{ type: "text", text: JSON.stringify(report, null, 2) }] };
|
|
66
146
|
}
|
|
67
147
|
return {
|
|
@@ -74,7 +154,31 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
|
|
|
74
154
|
isError: true
|
|
75
155
|
};
|
|
76
156
|
}
|
|
77
|
-
}
|
|
78
|
-
|
|
79
|
-
|
|
157
|
+
}
|
|
158
|
+
function createMcpServer() {
|
|
159
|
+
const server = createBaseServer();
|
|
160
|
+
server.setRequestHandler(ListToolsRequestSchema, async () => ({ tools: TOOLS }));
|
|
161
|
+
server.setRequestHandler(CallToolRequestSchema, async (request) => {
|
|
162
|
+
const { name, arguments: args } = request.params;
|
|
163
|
+
return handleToolCall(name, args ?? {});
|
|
164
|
+
});
|
|
165
|
+
return server;
|
|
166
|
+
}
|
|
167
|
+
async function startMcpServer() {
|
|
168
|
+
const transport = new StdioServerTransport();
|
|
169
|
+
const server = createMcpServer();
|
|
170
|
+
await server.connect(transport);
|
|
171
|
+
}
|
|
172
|
+
function isMainModule() {
|
|
173
|
+
if (!process.argv[1]) return false;
|
|
174
|
+
return fileURLToPath(import.meta.url) === process.argv[1];
|
|
175
|
+
}
|
|
176
|
+
if (isMainModule()) {
|
|
177
|
+
await startMcpServer();
|
|
178
|
+
}
|
|
179
|
+
export {
|
|
180
|
+
TOOLS,
|
|
181
|
+
createMcpServer,
|
|
182
|
+
handleToolCall
|
|
183
|
+
};
|
|
80
184
|
//# sourceMappingURL=server.js.map
|
package/dist/mcp/server.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/mcp/server.ts"],"sourcesContent":["#!/usr/bin/env node\n/**\n * autoremediator MCP server\n *\n * Exposes all autoremediator tools via the Model Context Protocol so LLM hosts\n * (Claude Desktop, Cursor, Copilot, etc.) can invoke them directly.\n *\n * Start: autoremediator-mcp (stdio transport)\n */\nimport { Server } from \"@modelcontextprotocol/sdk/server/index.js\";\nimport { StdioServerTransport } from \"@modelcontextprotocol/sdk/server/stdio.js\";\nimport {\n CallToolRequestSchema,\n ListToolsRequestSchema,\n} from \"@modelcontextprotocol/sdk/types.js\";\nimport { remediate, remediateFromScan } from \"../api.js\";\n\nconst server = new Server(\n { name: \"autoremediator\", version: \"0.1.2\" },\n { capabilities: { tools: {} } }\n);\n\n// ---------------------------------------------------------------------------\n// Tool definitions\n// ---------------------------------------------------------------------------\n\nconst TOOLS = [\n {\n name: \"remediate\",\n description:\n \"Remediate a single CVE in a Node.js project. Looks up the CVE, scans the project inventory, and applies a version bump or generates a patch file. Returns a RemediationReport.\",\n inputSchema: {\n type: \"object\",\n required: [\"cveId\"],\n properties: {\n cveId: { type: \"string\", description: \"CVE ID, e.g. CVE-2021-23337\" },\n cwd: { type: \"string\", description: \"Absolute path to the project root (default: process.cwd())\" },\n packageManager: { type: \"string\", enum: [\"npm\", \"pnpm\", \"yarn\"], description: \"Package manager override (auto-detected by default)\" },\n dryRun: { type: \"boolean\", description: \"If true, plan changes but write nothing (default: false)\" },\n skipTests: { type: \"boolean\", description: \"Skip package-manager test command after applying fix (default: true)\" },\n llmProvider: { type: \"string\", enum: [\"openai\", \"anthropic\", \"local\"], description: \"LLM provider override\" },\n patchesDir: { type: \"string\", description: \"Directory to write .patch files (default: ./patches)\" },\n },\n },\n },\n {\n name: \"remediateFromScan\",\n description:\n \"Parse an npm/pnpm/yarn audit JSON or SARIF scan file, extract all CVE IDs, and remediate each one. Returns a ScanReport.\",\n inputSchema: {\n type: \"object\",\n required: [\"inputPath\"],\n properties: {\n inputPath: { type: \"string\", description: \"Absolute path to the scanner output file\" },\n cwd: { type: \"string\", description: \"Absolute path to the project root\" },\n packageManager: { type: \"string\", enum: [\"npm\", \"pnpm\", \"yarn\"], description: \"Package manager override (auto-detected by default)\" },\n format: { type: \"string\", enum: [\"auto\", \"npm-audit\", \"yarn-audit\", \"sarif\"], description: \"Scanner format (default: auto)\" },\n dryRun: { type: \"boolean\", description: \"If true, plan changes but write nothing\" },\n writeEvidence: { type: \"boolean\", description: \"Write evidence JSON to .autoremediator/evidence/ (default: true)\" },\n },\n },\n },\n];\n\n// ---------------------------------------------------------------------------\n// Handlers\n// ---------------------------------------------------------------------------\n\nserver.setRequestHandler(ListToolsRequestSchema, async () => ({ tools: TOOLS }));\n\nserver.setRequestHandler(CallToolRequestSchema, async (request) => {\n const { name, arguments: args } = request.params;\n\n try {\n if (name === \"remediate\") {\n const { cveId, ...options } = args as { cveId: string; [key: string]: unknown };\n const report = await remediate(cveId, options as Parameters<typeof remediate>[1]);\n return { content: [{ type: \"text\", text: JSON.stringify(report, null, 2) }] };\n }\n\n if (name === \"remediateFromScan\") {\n const { inputPath, ...options } = args as { inputPath: string; [key: string]: unknown };\n const report = await remediateFromScan(inputPath, options as Parameters<typeof remediateFromScan>[1]);\n return { content: [{ type: \"text\", text: JSON.stringify(report, null, 2) }] };\n }\n\n return {\n content: [{ type: \"text\", text: `Unknown tool: ${name}` }],\n isError: true,\n };\n } catch (err) {\n return {\n content: [{ type: \"text\", text: err instanceof Error ? err.message : String(err) }],\n isError: true,\n };\n }\n});\n\n// ---------------------------------------------------------------------------\n// Start\n// ---------------------------------------------------------------------------\n\nconst transport = new StdioServerTransport();\nawait server.connect(transport);\n"],"mappings":";;;;;;;AASA,SAAS,cAAc;AACvB,SAAS,4BAA4B;AACrC;AAAA,EACE;AAAA,EACA;AAAA,OACK;AAGP,IAAM,SAAS,IAAI;AAAA,EACjB,EAAE,MAAM,kBAAkB,SAAS,QAAQ;AAAA,EAC3C,EAAE,cAAc,EAAE,OAAO,CAAC,EAAE,EAAE;AAChC;AAMA,IAAM,QAAQ;AAAA,EACZ;AAAA,IACE,MAAM;AAAA,IACN,aACE;AAAA,IACF,aAAa;AAAA,MACX,MAAM;AAAA,MACN,UAAU,CAAC,OAAO;AAAA,MAClB,YAAY;AAAA,QACV,OAAO,EAAE,MAAM,UAAU,aAAa,8BAA8B;AAAA,QACpE,KAAK,EAAE,MAAM,UAAU,aAAa,6DAA6D;AAAA,QACjG,gBAAgB,EAAE,MAAM,UAAU,MAAM,CAAC,OAAO,QAAQ,MAAM,GAAG,aAAa,sDAAsD;AAAA,QACpI,QAAQ,EAAE,MAAM,WAAW,aAAa,2DAA2D;AAAA,QACnG,WAAW,EAAE,MAAM,WAAW,aAAa,uEAAuE;AAAA,QAClH,aAAa,EAAE,MAAM,UAAU,MAAM,CAAC,UAAU,aAAa,OAAO,GAAG,aAAa,wBAAwB;AAAA,QAC5G,YAAY,EAAE,MAAM,UAAU,aAAa,uDAAuD;AAAA,MACpG;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aACE;AAAA,IACF,aAAa;AAAA,MACX,MAAM;AAAA,MACN,UAAU,CAAC,WAAW;AAAA,MACtB,YAAY;AAAA,QACV,WAAW,EAAE,MAAM,UAAU,aAAa,2CAA2C;AAAA,QACrF,KAAK,EAAE,MAAM,UAAU,aAAa,oCAAoC;AAAA,QACxE,gBAAgB,EAAE,MAAM,UAAU,MAAM,CAAC,OAAO,QAAQ,MAAM,GAAG,aAAa,sDAAsD;AAAA,QACpI,QAAQ,EAAE,MAAM,UAAU,MAAM,CAAC,QAAQ,aAAa,cAAc,OAAO,GAAG,aAAa,iCAAiC;AAAA,QAC5H,QAAQ,EAAE,MAAM,WAAW,aAAa,0CAA0C;AAAA,QAClF,eAAe,EAAE,MAAM,WAAW,aAAa,mEAAmE;AAAA,MACpH;AAAA,IACF;AAAA,EACF;AACF;AAMA,OAAO,kBAAkB,wBAAwB,aAAa,EAAE,OAAO,MAAM,EAAE;AAE/E,OAAO,kBAAkB,uBAAuB,OAAO,YAAY;AACjE,QAAM,EAAE,MAAM,WAAW,KAAK,IAAI,QAAQ;AAE1C,MAAI;AACF,QAAI,SAAS,aAAa;AACxB,YAAM,EAAE,OAAO,GAAG,QAAQ,IAAI;AAC9B,YAAM,SAAS,MAAM,UAAU,OAAO,OAA0C;AAChF,aAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAQ,MAAM,KAAK,UAAU,QAAQ,MAAM,CAAC,EAAE,CAAC,EAAE;AAAA,IAC9E;AAEA,QAAI,SAAS,qBAAqB;AAChC,YAAM,EAAE,WAAW,GAAG,QAAQ,IAAI;AAClC,YAAM,SAAS,MAAM,kBAAkB,WAAW,OAAkD;AACpG,aAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAQ,MAAM,KAAK,UAAU,QAAQ,MAAM,CAAC,EAAE,CAAC,EAAE;AAAA,IAC9E;AAEA,WAAO;AAAA,MACL,SAAS,CAAC,EAAE,MAAM,QAAQ,MAAM,iBAAiB,IAAI,GAAG,CAAC;AAAA,MACzD,SAAS;AAAA,IACX;AAAA,EACF,SAAS,KAAK;AACZ,WAAO;AAAA,MACL,SAAS,CAAC,EAAE,MAAM,QAAQ,MAAM,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,EAAE,CAAC;AAAA,MAClF,SAAS;AAAA,IACX;AAAA,EACF;AACF,CAAC;AAMD,IAAM,YAAY,IAAI,qBAAqB;AAC3C,MAAM,OAAO,QAAQ,SAAS;","names":[]}
|
|
1
|
+
{"version":3,"sources":["../../src/mcp/server.ts"],"sourcesContent":["#!/usr/bin/env node\n/**\n * autoremediator MCP server\n *\n * Exposes all autoremediator tools via the Model Context Protocol so LLM hosts\n * (Claude Desktop, Cursor, Copilot, etc.) can invoke them directly.\n *\n * Start: autoremediator-mcp (stdio transport)\n */\nimport { Server } from \"@modelcontextprotocol/sdk/server/index.js\";\nimport { StdioServerTransport } from \"@modelcontextprotocol/sdk/server/stdio.js\";\nimport {\n CallToolRequestSchema,\n ListToolsRequestSchema,\n} from \"@modelcontextprotocol/sdk/types.js\";\nimport { fileURLToPath } from \"node:url\";\nimport { planRemediation, remediate, remediateFromScan } from \"../api.js\";\n\ninterface McpApiDeps {\n remediateFn: typeof remediate;\n planRemediationFn: typeof planRemediation;\n remediateFromScanFn: typeof remediateFromScan;\n}\n\nconst defaultDeps: McpApiDeps = {\n remediateFn: remediate,\n planRemediationFn: planRemediation,\n remediateFromScanFn: remediateFromScan,\n};\n\nfunction createBaseServer(): Server {\n return new Server(\n { name: \"autoremediator\", version: \"0.1.2\" },\n { capabilities: { tools: {} } }\n );\n}\n\n// ---------------------------------------------------------------------------\n// Tool definitions\n// ---------------------------------------------------------------------------\n\nexport const TOOLS = [\n {\n name: \"remediate\",\n description:\n \"Remediate a single CVE in a Node.js project. Looks up the CVE, scans the project inventory, and applies a version bump or generates a patch file. Returns a RemediationReport.\",\n inputSchema: {\n type: \"object\",\n required: [\"cveId\"],\n properties: {\n cveId: { type: \"string\", description: \"CVE ID, e.g. CVE-2021-23337\" },\n cwd: { type: \"string\", description: \"Absolute path to the project root (default: process.cwd())\" },\n packageManager: { type: \"string\", enum: [\"npm\", \"pnpm\", \"yarn\"], description: \"Package manager override (auto-detected by default)\" },\n dryRun: { type: \"boolean\", description: \"If true, plan changes but write nothing (default: false)\" },\n preview: { type: \"boolean\", description: \"If true, enforce non-mutating preview mode\" },\n runTests: { type: \"boolean\", description: \"Run package-manager test command after applying fix (default: false)\" },\n llmProvider: { type: \"string\", enum: [\"openai\", \"anthropic\", \"local\"], description: \"LLM provider override\" },\n patchesDir: { type: \"string\", description: \"Directory to write .patch files (default: ./patches)\" },\n policy: { type: \"string\", description: \"Optional path to .autoremediator policy file\" },\n requestId: { type: \"string\", description: \"Request correlation ID\" },\n sessionId: { type: \"string\", description: \"Session correlation ID\" },\n parentRunId: { type: \"string\", description: \"Parent run correlation ID\" },\n idempotencyKey: { type: \"string\", description: \"Idempotency key for replay-safe execution\" },\n resume: { type: \"boolean\", description: \"Return cached result for matching idempotency key when available\" },\n actor: { type: \"string\", description: \"Actor identity for evidence provenance\" },\n source: { type: \"string\", enum: [\"cli\", \"sdk\", \"mcp\", \"openapi\", \"unknown\"], description: \"Source system for provenance\" },\n constraints: {\n type: \"object\",\n properties: {\n directDependenciesOnly: { type: \"boolean\" },\n preferVersionBump: { type: \"boolean\" },\n },\n },\n },\n },\n },\n {\n name: \"planRemediation\",\n description:\n \"Generate a non-mutating remediation preview for a single CVE in a Node.js project. Returns a RemediationReport with planned results.\",\n inputSchema: {\n type: \"object\",\n required: [\"cveId\"],\n properties: {\n cveId: { type: \"string\", description: \"CVE ID, e.g. CVE-2021-23337\" },\n cwd: { type: \"string\", description: \"Absolute path to the project root (default: process.cwd())\" },\n packageManager: { type: \"string\", enum: [\"npm\", \"pnpm\", \"yarn\"], description: \"Package manager override (auto-detected by default)\" },\n runTests: { type: \"boolean\", description: \"Run package-manager test command after applying fix (default: false)\" },\n llmProvider: { type: \"string\", enum: [\"openai\", \"anthropic\", \"local\"], description: \"LLM provider override\" },\n patchesDir: { type: \"string\", description: \"Directory to write .patch files (default: ./patches)\" },\n policy: { type: \"string\", description: \"Optional path to .autoremediator policy file\" },\n requestId: { type: \"string\", description: \"Request correlation ID\" },\n sessionId: { type: \"string\", description: \"Session correlation ID\" },\n parentRunId: { type: \"string\", description: \"Parent run correlation ID\" },\n idempotencyKey: { type: \"string\", description: \"Idempotency key for replay-safe execution\" },\n resume: { type: \"boolean\", description: \"Return cached result for matching idempotency key when available\" },\n actor: { type: \"string\", description: \"Actor identity for evidence provenance\" },\n source: { type: \"string\", enum: [\"cli\", \"sdk\", \"mcp\", \"openapi\", \"unknown\"], description: \"Source system for provenance\" },\n constraints: {\n type: \"object\",\n properties: {\n directDependenciesOnly: { type: \"boolean\" },\n preferVersionBump: { type: \"boolean\" },\n },\n },\n },\n },\n },\n {\n name: \"remediateFromScan\",\n description:\n \"Parse an npm/pnpm/yarn audit JSON or SARIF scan file, extract all CVE IDs, and remediate each one. Returns a ScanReport.\",\n inputSchema: {\n type: \"object\",\n required: [\"inputPath\"],\n properties: {\n inputPath: { type: \"string\", description: \"Absolute path to the scanner output file\" },\n cwd: { type: \"string\", description: \"Absolute path to the project root\" },\n packageManager: { type: \"string\", enum: [\"npm\", \"pnpm\", \"yarn\"], description: \"Package manager override (auto-detected by default)\" },\n format: { type: \"string\", enum: [\"auto\", \"npm-audit\", \"yarn-audit\", \"sarif\"], description: \"Scanner format (default: auto)\" },\n dryRun: { type: \"boolean\", description: \"If true, plan changes but write nothing\" },\n preview: { type: \"boolean\", description: \"If true, enforce non-mutating preview mode\" },\n evidence: { type: \"boolean\", description: \"Write evidence JSON to .autoremediator/evidence/ (default: true)\" },\n runTests: { type: \"boolean\", description: \"Run package-manager test command after applying fix (default: false)\" },\n policy: { type: \"string\", description: \"Optional path to .autoremediator policy file\" },\n requestId: { type: \"string\", description: \"Request correlation ID\" },\n sessionId: { type: \"string\", description: \"Session correlation ID\" },\n parentRunId: { type: \"string\", description: \"Parent run correlation ID\" },\n idempotencyKey: { type: \"string\", description: \"Idempotency key for replay-safe execution\" },\n resume: { type: \"boolean\", description: \"Return cached result for matching idempotency key when available\" },\n actor: { type: \"string\", description: \"Actor identity for evidence provenance\" },\n source: { type: \"string\", enum: [\"cli\", \"sdk\", \"mcp\", \"openapi\", \"unknown\"], description: \"Source system for provenance\" },\n constraints: {\n type: \"object\",\n properties: {\n directDependenciesOnly: { type: \"boolean\" },\n preferVersionBump: { type: \"boolean\" },\n },\n },\n },\n },\n },\n];\n\nexport async function handleToolCall(\n name: string,\n args: Record<string, unknown> = {},\n deps: McpApiDeps = defaultDeps\n): Promise<{ content: Array<{ type: \"text\"; text: string }>; isError?: boolean }> {\n const withMcpSource = (options: Record<string, unknown>): Record<string, unknown> => ({\n ...options,\n source: typeof options.source === \"string\" ? options.source : \"mcp\",\n });\n\n try {\n if (name === \"remediate\") {\n const { cveId, ...options } = args as { cveId: string; [key: string]: unknown };\n const report = await deps.remediateFn(cveId, withMcpSource(options) as Parameters<typeof remediate>[1]);\n return { content: [{ type: \"text\", text: JSON.stringify(report, null, 2) }] };\n }\n\n if (name === \"planRemediation\") {\n const { cveId, ...options } = args as { cveId: string; [key: string]: unknown };\n const report = await deps.planRemediationFn(cveId, withMcpSource(options) as Parameters<typeof planRemediation>[1]);\n return { content: [{ type: \"text\", text: JSON.stringify(report, null, 2) }] };\n }\n\n if (name === \"remediateFromScan\") {\n const { inputPath, ...options } = args as { inputPath: string; [key: string]: unknown };\n const report = await deps.remediateFromScanFn(inputPath, withMcpSource(options) as Parameters<typeof remediateFromScan>[1]);\n return { content: [{ type: \"text\", text: JSON.stringify(report, null, 2) }] };\n }\n\n return {\n content: [{ type: \"text\", text: `Unknown tool: ${name}` }],\n isError: true,\n };\n } catch (err) {\n return {\n content: [{ type: \"text\", text: err instanceof Error ? err.message : String(err) }],\n isError: true,\n };\n }\n}\n\nexport function createMcpServer(): Server {\n const server = createBaseServer();\n\n server.setRequestHandler(ListToolsRequestSchema, async () => ({ tools: TOOLS }));\n\n server.setRequestHandler(CallToolRequestSchema, async (request) => {\n const { name, arguments: args } = request.params;\n return handleToolCall(name, (args ?? {}) as Record<string, unknown>);\n });\n\n return server;\n}\n\n// ---------------------------------------------------------------------------\n// Start\n// ---------------------------------------------------------------------------\n\nasync function startMcpServer(): Promise<void> {\n const transport = new StdioServerTransport();\n const server = createMcpServer();\n await server.connect(transport);\n}\n\nfunction isMainModule(): boolean {\n if (!process.argv[1]) return false;\n return fileURLToPath(import.meta.url) === process.argv[1];\n}\n\nif (isMainModule()) {\n await startMcpServer();\n}\n"],"mappings":";;;;;;;;AASA,SAAS,cAAc;AACvB,SAAS,4BAA4B;AACrC;AAAA,EACE;AAAA,EACA;AAAA,OACK;AACP,SAAS,qBAAqB;AAS9B,IAAM,cAA0B;AAAA,EAC9B,aAAa;AAAA,EACb,mBAAmB;AAAA,EACnB,qBAAqB;AACvB;AAEA,SAAS,mBAA2B;AAClC,SAAO,IAAI;AAAA,IACT,EAAE,MAAM,kBAAkB,SAAS,QAAQ;AAAA,IAC3C,EAAE,cAAc,EAAE,OAAO,CAAC,EAAE,EAAE;AAAA,EAChC;AACF;AAMO,IAAM,QAAQ;AAAA,EACnB;AAAA,IACE,MAAM;AAAA,IACN,aACE;AAAA,IACF,aAAa;AAAA,MACX,MAAM;AAAA,MACN,UAAU,CAAC,OAAO;AAAA,MAClB,YAAY;AAAA,QACV,OAAO,EAAE,MAAM,UAAU,aAAa,8BAA8B;AAAA,QACpE,KAAK,EAAE,MAAM,UAAU,aAAa,6DAA6D;AAAA,QACjG,gBAAgB,EAAE,MAAM,UAAU,MAAM,CAAC,OAAO,QAAQ,MAAM,GAAG,aAAa,sDAAsD;AAAA,QACpI,QAAQ,EAAE,MAAM,WAAW,aAAa,2DAA2D;AAAA,QACnG,SAAS,EAAE,MAAM,WAAW,aAAa,6CAA6C;AAAA,QACtF,UAAU,EAAE,MAAM,WAAW,aAAa,uEAAuE;AAAA,QACjH,aAAa,EAAE,MAAM,UAAU,MAAM,CAAC,UAAU,aAAa,OAAO,GAAG,aAAa,wBAAwB;AAAA,QAC5G,YAAY,EAAE,MAAM,UAAU,aAAa,uDAAuD;AAAA,QAClG,QAAQ,EAAE,MAAM,UAAU,aAAa,+CAA+C;AAAA,QACtF,WAAW,EAAE,MAAM,UAAU,aAAa,yBAAyB;AAAA,QACnE,WAAW,EAAE,MAAM,UAAU,aAAa,yBAAyB;AAAA,QACnE,aAAa,EAAE,MAAM,UAAU,aAAa,4BAA4B;AAAA,QACxE,gBAAgB,EAAE,MAAM,UAAU,aAAa,4CAA4C;AAAA,QAC3F,QAAQ,EAAE,MAAM,WAAW,aAAa,mEAAmE;AAAA,QAC3G,OAAO,EAAE,MAAM,UAAU,aAAa,yCAAyC;AAAA,QAC/E,QAAQ,EAAE,MAAM,UAAU,MAAM,CAAC,OAAO,OAAO,OAAO,WAAW,SAAS,GAAG,aAAa,+BAA+B;AAAA,QACzH,aAAa;AAAA,UACX,MAAM;AAAA,UACN,YAAY;AAAA,YACV,wBAAwB,EAAE,MAAM,UAAU;AAAA,YAC1C,mBAAmB,EAAE,MAAM,UAAU;AAAA,UACvC;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aACE;AAAA,IACF,aAAa;AAAA,MACX,MAAM;AAAA,MACN,UAAU,CAAC,OAAO;AAAA,MAClB,YAAY;AAAA,QACV,OAAO,EAAE,MAAM,UAAU,aAAa,8BAA8B;AAAA,QACpE,KAAK,EAAE,MAAM,UAAU,aAAa,6DAA6D;AAAA,QACjG,gBAAgB,EAAE,MAAM,UAAU,MAAM,CAAC,OAAO,QAAQ,MAAM,GAAG,aAAa,sDAAsD;AAAA,QACpI,UAAU,EAAE,MAAM,WAAW,aAAa,uEAAuE;AAAA,QACjH,aAAa,EAAE,MAAM,UAAU,MAAM,CAAC,UAAU,aAAa,OAAO,GAAG,aAAa,wBAAwB;AAAA,QAC5G,YAAY,EAAE,MAAM,UAAU,aAAa,uDAAuD;AAAA,QAClG,QAAQ,EAAE,MAAM,UAAU,aAAa,+CAA+C;AAAA,QACtF,WAAW,EAAE,MAAM,UAAU,aAAa,yBAAyB;AAAA,QACnE,WAAW,EAAE,MAAM,UAAU,aAAa,yBAAyB;AAAA,QACnE,aAAa,EAAE,MAAM,UAAU,aAAa,4BAA4B;AAAA,QACxE,gBAAgB,EAAE,MAAM,UAAU,aAAa,4CAA4C;AAAA,QAC3F,QAAQ,EAAE,MAAM,WAAW,aAAa,mEAAmE;AAAA,QAC3G,OAAO,EAAE,MAAM,UAAU,aAAa,yCAAyC;AAAA,QAC/E,QAAQ,EAAE,MAAM,UAAU,MAAM,CAAC,OAAO,OAAO,OAAO,WAAW,SAAS,GAAG,aAAa,+BAA+B;AAAA,QACzH,aAAa;AAAA,UACX,MAAM;AAAA,UACN,YAAY;AAAA,YACV,wBAAwB,EAAE,MAAM,UAAU;AAAA,YAC1C,mBAAmB,EAAE,MAAM,UAAU;AAAA,UACvC;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aACE;AAAA,IACF,aAAa;AAAA,MACX,MAAM;AAAA,MACN,UAAU,CAAC,WAAW;AAAA,MACtB,YAAY;AAAA,QACV,WAAW,EAAE,MAAM,UAAU,aAAa,2CAA2C;AAAA,QACrF,KAAK,EAAE,MAAM,UAAU,aAAa,oCAAoC;AAAA,QACxE,gBAAgB,EAAE,MAAM,UAAU,MAAM,CAAC,OAAO,QAAQ,MAAM,GAAG,aAAa,sDAAsD;AAAA,QACpI,QAAQ,EAAE,MAAM,UAAU,MAAM,CAAC,QAAQ,aAAa,cAAc,OAAO,GAAG,aAAa,iCAAiC;AAAA,QAC5H,QAAQ,EAAE,MAAM,WAAW,aAAa,0CAA0C;AAAA,QAClF,SAAS,EAAE,MAAM,WAAW,aAAa,6CAA6C;AAAA,QACtF,UAAU,EAAE,MAAM,WAAW,aAAa,mEAAmE;AAAA,QAC7G,UAAU,EAAE,MAAM,WAAW,aAAa,uEAAuE;AAAA,QACjH,QAAQ,EAAE,MAAM,UAAU,aAAa,+CAA+C;AAAA,QACtF,WAAW,EAAE,MAAM,UAAU,aAAa,yBAAyB;AAAA,QACnE,WAAW,EAAE,MAAM,UAAU,aAAa,yBAAyB;AAAA,QACnE,aAAa,EAAE,MAAM,UAAU,aAAa,4BAA4B;AAAA,QACxE,gBAAgB,EAAE,MAAM,UAAU,aAAa,4CAA4C;AAAA,QAC3F,QAAQ,EAAE,MAAM,WAAW,aAAa,mEAAmE;AAAA,QAC3G,OAAO,EAAE,MAAM,UAAU,aAAa,yCAAyC;AAAA,QAC/E,QAAQ,EAAE,MAAM,UAAU,MAAM,CAAC,OAAO,OAAO,OAAO,WAAW,SAAS,GAAG,aAAa,+BAA+B;AAAA,QACzH,aAAa;AAAA,UACX,MAAM;AAAA,UACN,YAAY;AAAA,YACV,wBAAwB,EAAE,MAAM,UAAU;AAAA,YAC1C,mBAAmB,EAAE,MAAM,UAAU;AAAA,UACvC;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;AAEA,eAAsB,eACpB,MACA,OAAgC,CAAC,GACjC,OAAmB,aAC6D;AAChF,QAAM,gBAAgB,CAAC,aAA+D;AAAA,IACpF,GAAG;AAAA,IACH,QAAQ,OAAO,QAAQ,WAAW,WAAW,QAAQ,SAAS;AAAA,EAChE;AAEA,MAAI;AACF,QAAI,SAAS,aAAa;AACxB,YAAM,EAAE,OAAO,GAAG,QAAQ,IAAI;AAC9B,YAAM,SAAS,MAAM,KAAK,YAAY,OAAO,cAAc,OAAO,CAAoC;AACtG,aAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAQ,MAAM,KAAK,UAAU,QAAQ,MAAM,CAAC,EAAE,CAAC,EAAE;AAAA,IAC9E;AAEA,QAAI,SAAS,mBAAmB;AAC9B,YAAM,EAAE,OAAO,GAAG,QAAQ,IAAI;AAC9B,YAAM,SAAS,MAAM,KAAK,kBAAkB,OAAO,cAAc,OAAO,CAA0C;AAClH,aAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAQ,MAAM,KAAK,UAAU,QAAQ,MAAM,CAAC,EAAE,CAAC,EAAE;AAAA,IAC9E;AAEA,QAAI,SAAS,qBAAqB;AAChC,YAAM,EAAE,WAAW,GAAG,QAAQ,IAAI;AAClC,YAAM,SAAS,MAAM,KAAK,oBAAoB,WAAW,cAAc,OAAO,CAA4C;AAC1H,aAAO,EAAE,SAAS,CAAC,EAAE,MAAM,QAAQ,MAAM,KAAK,UAAU,QAAQ,MAAM,CAAC,EAAE,CAAC,EAAE;AAAA,IAC9E;AAEA,WAAO;AAAA,MACL,SAAS,CAAC,EAAE,MAAM,QAAQ,MAAM,iBAAiB,IAAI,GAAG,CAAC;AAAA,MACzD,SAAS;AAAA,IACX;AAAA,EACF,SAAS,KAAK;AACZ,WAAO;AAAA,MACL,SAAS,CAAC,EAAE,MAAM,QAAQ,MAAM,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,EAAE,CAAC;AAAA,MAClF,SAAS;AAAA,IACX;AAAA,EACF;AACF;AAEO,SAAS,kBAA0B;AACxC,QAAM,SAAS,iBAAiB;AAEhC,SAAO,kBAAkB,wBAAwB,aAAa,EAAE,OAAO,MAAM,EAAE;AAE/E,SAAO,kBAAkB,uBAAuB,OAAO,YAAY;AACjE,UAAM,EAAE,MAAM,WAAW,KAAK,IAAI,QAAQ;AAC1C,WAAO,eAAe,MAAO,QAAQ,CAAC,CAA6B;AAAA,EACrE,CAAC;AAED,SAAO;AACT;AAMA,eAAe,iBAAgC;AAC7C,QAAM,YAAY,IAAI,qBAAqB;AAC3C,QAAM,SAAS,gBAAgB;AAC/B,QAAM,OAAO,QAAQ,SAAS;AAChC;AAEA,SAAS,eAAwB;AAC/B,MAAI,CAAC,QAAQ,KAAK,CAAC,EAAG,QAAO;AAC7B,SAAO,cAAc,YAAY,GAAG,MAAM,QAAQ,KAAK,CAAC;AAC1D;AAEA,IAAI,aAAa,GAAG;AAClB,QAAM,eAAe;AACvB;","names":[]}
|