cdp-mcp 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Leonard Janke
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,240 @@
+# cdp-mcp
+
+A Model Context Protocol (MCP) server that exposes the Chrome DevTools Protocol (CDP) to AI agents as a **TypeScript-aware frontend debugger**.
+
+Designed for agents running in CLIs (Claude Code, GitHub Copilot CLI) that have local source + source-map access. Coordinates flow in TS terms; the server translates to JS for CDP under the hood.
+
+**Status:** alpha (v0.1.0). **License:** [MIT](./LICENSE).
+
+## What it gives an agent
+
+Across 39 tools:
+
+- **Breakpoints in TS source** — `set_breakpoint(file="src/foo.ts", line=42, condition?, log_message?)`. The server matches source maps and binds in every script that maps back to that file.
+- **Stepping** — `step_over`, `step_into`, `step_out`, `resume`, `pause`, plus the authoritative sync point `wait_for_pause`.
+- **Live inspection at a paused frame** — `get_call_stack`, `get_scope`, `evaluate` (frame-aware), `get_object_properties`. All call-stack frames are TS-mapped.
+- **Buffered console + network** — pull-based, paginated by monotonic `seq`. Bodies are lazy-loaded via `get_request_body` / `get_response_body`.
+- **Light DOM interaction** — `query_selector`, `click`, `type_text`, `press_key`, `screenshot` so the agent can drive a flow to a breakpoint.
+- **Structured DOM querying** — Playwright-inspired `locate` (LocatorSpec: CSS, text, role, test-id, label, placeholder, name), `wait_for` (poll until DOM state), `get_form_state` (read named form fields).
+- **Source-map diagnostics** — `list_scripts`, `resolve_source_position`, `get_script_source`.
+
+Auto-attaches to iframes and workers via `Target.setAutoAttach({ flatten: true })`.
+
+## Install / build
+
+```sh
+npm install
+npm run build
+node dist/index.js                    # stdio MCP transport (default — this is what Claude Code launches)
+node dist/index.js --port 9719        # SSE MCP transport on 127.0.0.1:9719
+node dist/index.js --host 0.0.0.0 --port 9719 --allow-remote
+```
+
+SSE mode caveats:
+
+- **Single-client only.** Every `/sse` connection gets its own `McpServer`,
+  but every tool funnels through one process-global `sessionState` — two
+  concurrent clients race on the same browser (shared pause state,
+  breakpoints, console/network buffers; `launch_chrome` from client B
+  tears down client A's session).
+- **Non-loopback bind requires opt-in.** `--allow-remote` (or
+  `CDP_MCP_ALLOW_REMOTE=1`) is required to bind to anything other than
+  loopback. MCP tools include `evaluate` (in-page code exec) and a
+  `screenshot path=` filesystem write; the gate makes remote exposure
+  a deliberate operator decision rather than a default.
+- **Host / Origin headers are validated on loopback binds** to block
+  DNS-rebinding against `127.0.0.1` / `localhost` / `[::1]`. On
+  non-loopback binds the operator has already accepted exposure via
+  `--allow-remote`, and the server can't statically enumerate every
+  hostname/IP a LAN/VPN/DNS client might reach it by — those checks
+  are skipped. If you need per-`Host` policy on a LAN/WAN deployment,
+  front the server with a reverse proxy that enforces it.
+
+Smoke test (no browser needed — verifies the protocol surface):
+
+```sh
+npm run smoke
+```
+
+Unit + L2 contract tests (~640ms, no browser, no LLM):
+
+```sh
+npm test
+```
+
+Currently 299 tests across 22 files. The `test/` tree is the L2 contract
+layer (every tool exercised against a fake CDP — see `test/fake-cdp.ts`);
+the inline `src/**/*.test.ts` files are L1 pure-data tests; `evals/**/
+*.test.ts` cover the L4 harness's grader/trace/oracle units (21 tests).
+See `docs/test-eval-plan.md` for the full pyramid.
+
+### L3 — real-browser end-to-end
+
+```sh
+npm run test:e2e
+```
+
+Drives the 39 MCP tools against a real headless Chromium attached to a
+built copy of `examples/sample-app/`. Nine specs cover lifecycle, breakpoints,
+stepping, exceptions, console, network, workers, screenshot, and DOM
+interaction. Sequential (one Chrome shared across specs, isolated by a
+shared `afterEach(close_session)`). Run time is a few seconds on a warm
+machine.
+
+**Browser selection (`CDP_TEST_BROWSER` env, default `chromium`)**:
+
+| Linux x86_64 | Linux ARM64 (primary local) | macOS | Windows |
+|---|---|---|---|
+| `chromium`: Playwright's bundled binary, system chromium, or apt | `chromium`: Playwright's bundled binary or apt (`/snap/bin/chromium` honored with snap-confinement userDataDir workaround) | `chromium`: Homebrew / Playwright bundled | `chromium`: Playwright bundled (set `CDP_TEST_BROWSER_PATH`) |
+| `chrome`: chrome-launcher auto-detect | **not supported** — fail-fast | `chrome`: chrome-launcher auto-detect | `chrome`: chrome-launcher auto-detect |
+
+**Local-Windows status**: at the time L3 landed, `chrome-launcher` 1.2.1 fails
+to bind to its own picked port on Windows 11 (ECONNREFUSED inside chrome-
+launcher's startup poll) regardless of headless mode, Chrome stable vs
+Playwright Chromium, or explicit ports. The same code path works on Linux
+where CI runs. If you need to test L3 changes locally on Windows, run them
+under WSL2 (Ubuntu) or push and let CI validate. The unit + L2 tests work
+fine on Windows.
+
+Setting an explicit binary path (for example, after running
+`npx playwright install chromium` locally on Linux) lets the resolver skip
+detection and use the bundled binary:
+
+```sh
+export CDP_TEST_BROWSER_PATH="$HOME/.cache/ms-playwright/chromium-1223/chrome-linux/chrome"
+npm run test:e2e
+```
+
+Any spec failing on Chromium-only but passing on Chrome stable should land
+with a `// @chromium-skip — <gap-id>` comment AND a row in
+`docs/known-chromium-gaps.md` — `npm run lint:chromium-skips` (and the
+pretest hook) enforces this.
+
+`launch_chrome` defaults to `--no-sandbox` for Ubuntu/Playwright-Chromium
+compatibility. See [`docs/chromium-sandboxing.md`](docs/chromium-sandboxing.md)
+before changing that default or relying on `sandbox: true`, AppArmor, snap
+confinement, or Bubblewrap.
+
+### L4 — LLM agent evals
+
+```sh
+export ANTHROPIC_API_KEY=...
+npm run eval:quick                 # 1 scenario × 1 trial (~$0.50–2 at default Opus-4.7-medium; ~$0.05 with EVAL_MODEL_OVERRIDE=claude-sonnet-4-6)
+npm run eval                       # all scenarios × 3 trials (first observed ~$4 at default Opus-4.7-medium on a reference host — one data point, not the steady-state band)
+npm run eval -- --scenarios=compute-step --trials=1
+```
+
+Use `npm run eval` (or `npm run eval:quick`) — NOT `npx tsx evals/cli.ts` directly. The npm script triggers the `preeval` lifecycle hook which rebuilds `dist/index.js` (the MCP subprocess); calling tsx directly bypasses the hook and a fresh clone fails with `Cannot find module '.../dist/index.js'`. If you must invoke tsx directly, run `npm run build` first.
+
+Drives the cdp-mcp tool surface through an LLM agent via the
+`VendorAdapter` seam (`evals/harness/vendor.ts`); the Anthropic adapter
+backed by `@anthropic-ai/sdk` is the default and only production path
+today. Each trial spawns a fresh `dist/index.js` MCP subprocess + a
+static server for the scenario's sample-app variant; the tool-use loop
+drives the page, sets source-level breakpoints, inspects pauses, and
+produces a natural-language final answer. NDJSON traces land under
+`evals/runs/<run-id>/` (gitignored). A programmatic oracle per scenario
+(no LLM judge) emits a dual-axis verdict — **mechanic** (did the agent
+exercise the debugger workflow under test) + **correctness** (did the
+final answer name the bug) — plus efficiency ratio and recovery count.
+
+**Default model**: `claude-opus-4-7` with adaptive thinking at
+`effort=medium` (set in `evals/harness/model.ts`). Adaptive-style models
+(Opus 4.7+) default to medium-effort thinking when no env override is
+set; budget-style models (Sonnet 4.6, selectable via
+`EVAL_MODEL_OVERRIDE`) keep extended thinking **off** by default for the
+cheap-baseline path. Override via env:
+
+- `EVAL_MODEL_OVERRIDE=claude-sonnet-4-6` — switch to the budget-style
+  Sonnet baseline (no thinking by default; ~$5–10/full run).
+- `EVAL_REASONING_LEVEL=none|low|medium|high|xhigh|max` — pick a tier
+  (or explicit `none` to disable on adaptive models). On budget-style
+  models each tier maps to a default `budget_tokens` in
+  `TIER_BUDGET_TOKENS` (high=16K). On adaptive models the tier maps
+  directly to Anthropic's `effort` parameter.
+- `EVAL_REASONING_BUDGET=N` — override the budget on budget-style
+  models. Used alone the level is tagged `custom`; used alongside
+  `EVAL_REASONING_LEVEL` it overrides that tier's default.
+
+Thinking-on runs are non-deterministic (Anthropic requires
+`temperature=1` with `thinking`), so use `--trials >= 3` to characterize
+variance. Cost-cap: `$100` per `npm run eval` invocation (override via
+`EVAL_BUDGET_USD` env). Rotation across the Anthropic family + GPT-5.5
+is a follow-up — see the proposal at
+[`docs/eval-model-rotation-proposal.md`](docs/eval-model-rotation-proposal.md).
+
+Caching: the system prompt + tool list are tagged `cache_control:
+ephemeral`. The system block (~280 tokens) is below Anthropic's
+~1024-token cache-breakpoint minimum, so only the ~5K-token tools array
+actually caches across trials — that's enough to dominate the input
+cost across trial 2+. Verify post-run via the `cacheTokens` field on
+each `t:"usage"` trace entry (the Anthropic adapter populates
+`cacheTokens.cacheReadInputTokens` and `cacheTokens.cacheCreationInputTokens`
+verbatim from the SDK's `cache_read_input_tokens` / `cache_creation_input_tokens`).
+
+Non-Anthropic backends: the OpenAI vendor adapter ships with #50/#58
+(target: GPT-5.5) — `EVAL_PROVIDER=openai` plus `OPENAI_API_KEY`
++ `EVAL_OPENAI_MODEL` activates it. Reasoning-off trials route to
+`/v1/chat/completions` (#50); reasoning-on trials route to
+`/v1/responses` (#58), the only OpenAI surface that supports tools
+× reasoning_effort on GPT-5.5. An LM Studio investigation artifact
+is wired behind the same seam for issue #45. See
+[evals/README.md](evals/README.md) for full `EVAL_PROVIDER` /
+`EVAL_OPENAI_*` / `EVAL_LM_STUDIO_*` details. Vertex (#51) is the last
+backend adapter still pending.
+
+Currently registered scenarios (8): `compute-step` and
+`adversarial-out-of-order` ship against the canonical `examples/sample-app/`;
+`network-bug`, `console-error`, `event-binding`, `deep-source-map`,
+`worker-bug`, and `conditional-bp` have committed per-scenario forks
+under `evals/sample-app-variants/<name>/` and build via
+`npm run sample:build` (`scripts/build-variants.mjs`).
+
+## Wire into Claude Code
+
+```sh
+claude mcp add cdp-mcp node /absolute/path/to/dist/index.js
+```
+
+Or via `~/.claude.json`:
+
+```json
+{
+  "mcpServers": {
+    "cdp-mcp": { "command": "node", "args": ["/abs/path/dist/index.js"] }
+  }
+}
+```
+
+## End-to-end smoke (with a browser)
+
+1. Install the sample app's deps and start it:
+   ```sh
+   cd examples/sample-app
+   npm install
+   npm run dev          # listens on :5173
+   ```
+2. In a Claude Code session with `cdp-mcp` enabled, ask:
+   > Open localhost:5173 in a non-headless browser. Set a breakpoint at src/handlers.ts:7. Click #go. When it pauses, tell me what `step` is — and why the counter increments wrong.
+3. The agent should chain: `launch_chrome` → `set_breakpoint` → `click` → `wait_for_pause` → `get_scope`/`evaluate` → `resume`, and conclude that `computeStep()` returns `2` instead of `1`.
+
+## Tool conventions for agents
+
+- **File coords are TS, 1-based lines, 0-based columns** unless the tool name ends in `_js` or takes a `script_id`.
+- **Pause-only tools** (`get_call_stack`, `get_scope`, `evaluate` with `frame_index`): return `error: "not_paused"` if called outside a pause.
+- **Buffered tools** (`get_console_logs`, `get_network_requests`): return a `cursor` (max `seq` seen). Pass it back as `since` to paginate.
+- **Errors** come back as `isError: true` with a structured `{ error, message }` JSON payload.
+- **Compact returns**: previews trimmed to ~200 chars, lists capped at sensible defaults — bodies lazy-loaded via dedicated tools.
+
+## Prior art
+
+If `cdp-mcp` doesn't fit your workflow, look at:
+- [`InDate/cdp-tools-mcp`](https://github.com/InDate/cdp-tools-mcp)
+- [`ScriptedAlchemy/devtools-debugger-mcp`](https://github.com/ScriptedAlchemy/devtools-debugger-mcp) (Node-focused)
+- [`ChromeDevTools/chrome-devtools-mcp`](https://github.com/ChromeDevTools/chrome-devtools-mcp) (automation + console, no breakpoints)
+
+## Out of scope for v1
+
+Firefox / Safari, Node.js debugging, `Storage.*`, `Tracing.*`, `HeapProfiler.*`, concurrent multi-page debugging.
+
+See [design notes](docs/design-notes.md) — original plan snapshot + a section on what reviewer iteration discovered.

package/dist/index.js

@@ -0,0 +1,345 @@
+#!/usr/bin/env node
+import { createServer } from "node:http";
+import { SSEServerTransport } from "@modelcontextprotocol/sdk/server/sse.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { buildServer } from "./server.js";
+import { getSession, sessionState } from "./session/state.js";
+import { log } from "./util/log.js";
+const LOOPBACK_HOSTS = new Set(["127.0.0.1", "localhost", "::1"]);
+function isLoopbackHost(host) {
+    return LOOPBACK_HOSTS.has(host);
+}
+function parseArgs(args) {
+    let port;
+    let host = "127.0.0.1";
+    let allowRemote = process.env.CDP_MCP_ALLOW_REMOTE === "1";
+    for (let index = 0; index < args.length; index += 1) {
+        const arg = args[index];
+        if (!arg) {
+            continue;
+        }
+        if (arg === "--help" || arg === "-h") {
+            process.stderr.write([
+                "Usage:",
+                "  cdp-mcp                                  # stdio MCP transport",
+                "  cdp-mcp --port 9719                      # SSE MCP transport on 127.0.0.1:9719",
+                "  cdp-mcp --host 0.0.0.0 --port 9719 --allow-remote",
+                "",
+                "SSE mode caveats:",
+                "  - Single-client only: concurrent /sse connections race on a",
+                "    shared browser session (sessionState is process-global).",
+                "  - Non-loopback bind requires --allow-remote (or",
+                "    CDP_MCP_ALLOW_REMOTE=1). MCP tools include in-page eval and",
+                "    server-filesystem writes; exposing them remotely without",
+                "    further auth is a deliberate operator decision.",
+                "  - Host / Origin headers are validated against the loopback",
+                "    aliases (127.0.0.1, localhost, [::1]) to block",
+                "    DNS-rebinding. On non-loopback binds the operator has",
+                "    accepted exposure via --allow-remote, and we cannot",
+                "    enumerate every reachable hostname/IP, so the checks",
+                "    are skipped — front the server with a reverse proxy if",
+                "    you need per-Host policy.",
+                "",
+            ].join("\n"));
+            process.exit(0);
+        }
+        if (arg === "--port") {
+            const value = args[index + 1];
+            if (!value)
+                throw new Error("--port requires a value");
+            port = parsePort(value);
+            index += 1;
+            continue;
+        }
+        if (arg.startsWith("--port=")) {
+            port = parsePort(arg.slice("--port=".length));
+            continue;
+        }
+        if (arg === "--host") {
+            const value = args[index + 1];
+            if (!value)
+                throw new Error("--host requires a value");
+            host = value;
+            index += 1;
+            continue;
+        }
+        if (arg.startsWith("--host=")) {
+            host = arg.slice("--host=".length);
+            continue;
+        }
+        if (arg === "--allow-remote") {
+            allowRemote = true;
+            continue;
+        }
+        throw new Error(`Unknown argument: ${arg}`);
+    }
+    if (port === undefined) {
+        return { transport: "stdio" };
+    }
+    if (!isLoopbackHost(host) && !allowRemote) {
+        throw new Error(`Refusing to bind SSE transport on non-loopback host '${host}' without --allow-remote (or CDP_MCP_ALLOW_REMOTE=1). MCP tools include in-page eval and server-filesystem writes; remote exposure is opt-in.`);
+    }
+    return {
+        transport: "sse",
+        host,
+        port,
+        allowRemote,
+    };
+}
+function parsePort(raw) {
+    const port = Number(raw);
+    if (!Number.isInteger(port) || port < 1 || port > 65535) {
+        throw new Error(`Invalid --port value: ${raw}`);
+    }
+    return port;
+}
+async function main() {
+    const mode = parseArgs(process.argv.slice(2));
+    if (mode.transport === "sse") {
+        await runSseServer(mode);
+        return;
+    }
+    await runStdioServer();
+}
+async function runStdioServer() {
+    const server = buildServer();
+    const transport = new StdioServerTransport();
+    await server.connect(transport);
+    log.info("cdp-mcp server started", { pid: process.pid });
+    const shutdown = async (signal) => {
+        log.info(`shutdown signal: ${signal}`);
+        try {
+            const session = getSession();
+            if (session)
+                await sessionState.close();
+        }
+        catch (e) {
+            log.warn("error during shutdown", { error: String(e) });
+        }
+        try {
+            await server.close();
+        }
+        catch (e) {
+            log.warn("error closing server", { error: String(e) });
+        }
+        process.exit(0);
+    };
+    process.on("SIGINT", () => void shutdown("SIGINT"));
+    process.on("SIGTERM", () => void shutdown("SIGTERM"));
+    installProcessErrorHandlers();
+}
+async function runSseServer(mode) {
+    const clients = new Map();
+    // Host/Origin validation is a DNS-rebinding defense — it bites only
+    // on loopback binds, where an attacker page can be tricked into
+    // reaching 127.0.0.1 via a rebound DNS name. On non-loopback binds
+    // the operator has explicitly accepted exposure via --allow-remote,
+    // and we cannot statically enumerate every hostname/IP the host
+    // might be reached by (LAN IP, hostname, mDNS, VPN, …) — so we skip
+    // both checks and treat --allow-remote as the gate.
+    const validateHostOrigin = isLoopbackHost(mode.host);
+    const allowedHosts = validateHostOrigin ? buildAllowedHosts(mode.host, mode.port) : new Set();
+    const allowedOrigins = validateHostOrigin ? buildAllowedOrigins(mode.host, mode.port) : new Set();
+    const httpServer = createServer((req, res) => {
+        void handleSseRequest({
+            req,
+            res,
+            clients,
+            host: mode.host,
+            port: mode.port,
+            validateHostOrigin,
+            allowedHosts,
+            allowedOrigins,
+        });
+    });
+    await listen(httpServer, mode);
+    log.info("cdp-mcp SSE server started", {
+        pid: process.pid,
+        url: `http://${mode.host}:${mode.port}/sse`,
+        allowRemote: mode.allowRemote,
+    });
+    if (!isLoopbackHost(mode.host)) {
+        log.warn("SSE bound to non-loopback host — exposing in-page eval + filesystem-write tools without auth (operator opted in via --allow-remote)", { host: mode.host, port: mode.port });
+    }
+    // Close SSE transports BEFORE the HTTP server: Node's server.close()
+    // waits for in-flight requests to drain, and /sse connections are
+    // long-lived by design — closing the HTTP server first would hang
+    // SIGINT / SIGTERM indefinitely.
+    const shutdown = async (signal) => {
+        log.info(`shutdown signal: ${signal}`);
+        await closeSseClients(clients);
+        await closeHttpServer(httpServer);
+        try {
+            const session = getSession();
+            if (session)
+                await sessionState.close();
+        }
+        catch (e) {
+            log.warn("error during shutdown", { error: String(e) });
+        }
+        process.exit(0);
+    };
+    process.on("SIGINT", () => void shutdown("SIGINT"));
+    process.on("SIGTERM", () => void shutdown("SIGTERM"));
+    installProcessErrorHandlers();
+}
+function installProcessErrorHandlers() {
+    process.on("uncaughtException", (err) => {
+        log.error("uncaughtException", { error: String(err), stack: err.stack });
+    });
+    process.on("unhandledRejection", (reason) => {
+        log.error("unhandledRejection", { reason: String(reason) });
+    });
+}
+async function handleSseRequest({ req, res, clients, host, port, validateHostOrigin, allowedHosts, allowedOrigins, }) {
+    try {
+        // DNS-rebinding defense for loopback binds: validate Host (and
+        // Origin if present) before the SDK touches the request. The MCP
+        // SDK's SSEServerTransport does not gate either header by default.
+        // Skipped on non-loopback binds — see runSseServer for rationale.
+        if (validateHostOrigin) {
+            const headerHost = req.headers.host;
+            if (!headerHost || !allowedHosts.has(headerHost)) {
+                log.warn("rejecting SSE request with disallowed Host header", {
+                    host: headerHost,
+                    bindHost: host,
+                });
+                respondText(res, 403, "forbidden\n");
+                return;
+            }
+            // Origin is only sent by browsers (and is `null` for sandboxed
+            // iframes / file://). Checking it when present is the
+            // cross-origin defense layer; the Host check above is what
+            // catches non-browser callers and Origin-omitting browsers.
+            const originHeader = req.headers.origin;
+            if (originHeader && !allowedOrigins.has(originHeader)) {
+                log.warn("rejecting SSE request with disallowed Origin header", { origin: originHeader });
+                respondText(res, 403, "forbidden\n");
+                return;
+            }
+        }
+        const url = new URL(req.url ?? "/", `http://${req.headers.host ?? `${host}:${port}`}`);
+        if (req.method === "GET" && url.pathname === "/sse") {
+            await startSseConnection({ res, clients });
+            return;
+        }
+        if (req.method === "POST" && url.pathname === "/messages") {
+            await handleSseMessage({ req, res, clients, sessionId: url.searchParams.get("sessionId") });
+            return;
+        }
+        respondText(res, 404, "not found\n");
+    }
+    catch (e) {
+        log.error("SSE request failed", { error: String(e) });
+        if (!res.headersSent) {
+            respondText(res, 500, "internal server error\n");
+        }
+        else {
+            res.end();
+        }
+    }
+}
+// Called only on loopback binds (see runSseServer). The set covers the
+// three loopback aliases a browser or CLI might use to reach a 127.0.0.1
+// / localhost / ::1 server; anything else implies DNS-rebinding.
+function buildAllowedHosts(bindHost, port) {
+    const hosts = new Set([
+        `${bindHost}:${port}`,
+        `127.0.0.1:${port}`,
+        `localhost:${port}`,
+        `[::1]:${port}`,
+    ]);
+    return hosts;
+}
+function buildAllowedOrigins(bindHost, port) {
+    const origins = new Set();
+    for (const hostPort of buildAllowedHosts(bindHost, port)) {
+        origins.add(`http://${hostPort}`);
+        origins.add(`https://${hostPort}`);
+    }
+    return origins;
+}
+async function startSseConnection({ res, clients, }) {
+    const transport = new SSEServerTransport("/messages", res);
+    const server = buildServer();
+    transport.onclose = () => {
+        const client = clients.get(transport.sessionId);
+        clients.delete(transport.sessionId);
+        void client?.server.close().catch((e) => {
+            log.warn("error closing MCP server for SSE client", { sessionId: transport.sessionId, error: String(e) });
+        });
+    };
+    transport.onerror = (e) => {
+        log.warn("SSE transport error", { sessionId: transport.sessionId, error: String(e) });
+    };
+    clients.set(transport.sessionId, { server, transport });
+    await server.connect(transport);
+    log.info("SSE client connected", { sessionId: transport.sessionId });
+}
+async function handleSseMessage({ req, res, clients, sessionId, }) {
+    if (!sessionId) {
+        respondText(res, 400, "missing sessionId\n");
+        return;
+    }
+    const client = clients.get(sessionId);
+    if (!client) {
+        respondText(res, 404, "unknown sessionId\n");
+        return;
+    }
+    await client.transport.handlePostMessage(req, res);
+}
+async function listen(server, mode) {
+    await new Promise((resolve, reject) => {
+        const onError = (e) => {
+            server.off("listening", onListening);
+            reject(e);
+        };
+        const onListening = () => {
+            server.off("error", onError);
+            resolve();
+        };
+        server.once("error", onError);
+        server.once("listening", onListening);
+        server.listen(mode.port, mode.host);
+    });
+}
+async function closeHttpServer(server) {
+    await new Promise((resolve, reject) => {
+        server.close((e) => {
+            if (e) {
+                reject(e);
+                return;
+            }
+            resolve();
+        });
+    }).catch((e) => {
+        log.warn("error closing HTTP server", { error: String(e) });
+    });
+}
+async function closeSseClients(clients) {
+    const entries = [...clients.entries()];
+    clients.clear();
+    await Promise.all(entries.map(async ([sessionId, client]) => {
+        try {
+            await client.transport.close();
+        }
+        catch (e) {
+            log.warn("error closing SSE transport", { sessionId, error: String(e) });
+        }
+        try {
+            await client.server.close();
+        }
+        catch (e) {
+            log.warn("error closing MCP server", { sessionId, error: String(e) });
+        }
+    }));
+}
+function respondText(res, statusCode, body) {
+    res.writeHead(statusCode, { "Content-Type": "text/plain; charset=utf-8" });
+    res.end(body);
+}
+main().catch((err) => {
+    log.error("fatal", { error: String(err), stack: err?.stack });
+    process.exit(1);
+});
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,YAAY,EAAwE,MAAM,WAAW,CAAC;AAC/G,OAAO,EAAE,kBAAkB,EAAE,MAAM,yCAAyC,CAAC;AAC7E,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AAEjF,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAC9D,OAAO,EAAE,GAAG,EAAE,MAAM,eAAe,CAAC;AAapC,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,CAAC,WAAW,EAAE,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;AAElE,SAAS,cAAc,CAAC,IAAY;IAClC,OAAO,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAClC,CAAC;AASD,SAAS,SAAS,CAAC,IAAc;IAC/B,IAAI,IAAwB,CAAC;IAC7B,IAAI,IAAI,GAAG,WAAW,CAAC;IACvB,IAAI,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,KAAK,GAAG,CAAC;IAE3D,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,IAAI,CAAC,MAAM,EAAE,KAAK,IAAI,CAAC,EAAE,CAAC;QACpD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC;QACxB,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,SAAS;QACX,CAAC;QAED,IAAI,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;YACrC,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB;gBACE,QAAQ;gBACR,kEAAkE;gBAClE,kFAAkF;gBAClF,qDAAqD;gBACrD,EAAE;gBACF,mBAAmB;gBACnB,+DAA+D;gBAC/D,8DAA8D;gBAC9D,mDAAmD;gBACnD,iEAAiE;gBACjE,8DAA8D;gBAC9D,qDAAqD;gBACrD,8DAA8D;gBAC9D,oDAAoD;gBACpD,2DAA2D;gBAC3D,yDAAyD;gBACzD,0DAA0D;gBAC1D,4DAA4D;gBAC5D,+BAA+B;gBAC/B,EAAE;aACH,CAAC,IAAI,CAAC,IAAI,CAAC,CACb,CAAC;YACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,IAAI,GAAG,KAAK,QAAQ,EAAE,CAAC;YACrB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;YAC9B,IAAI,CAAC,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACvD,IAAI,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;YACxB,KAAK,IAAI,CAAC,CAAC;YACX,SAAS;QACX,CAAC;QAED,IAAI,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC9B,IAAI,GAAG,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;YAC9C,SAAS;QACX,CAAC;QAED,IAAI,GAAG,KAAK,QAAQ,EAAE,CAAC;YACrB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;YAC9B,IAAI,CAAC,KAAK;gBAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;YACvD,IAAI,GAAG,KAAK,CAAC;YACb,KAAK,IAAI,CAAC,CAAC;YACX,SAAS;QACX,CAAC;QAED,IAAI,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAC9B,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YACnC,SAAS;QACX,CAAC;QAED,IAAI,GAAG,KAAK,gBAAgB,EAAE,CAAC;YAC7B,WAAW,GAAG,IAAI,CAAC;YACnB,SAAS;QACX,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,qBAAqB,GAAG,EAAE,CAAC,CAAC;IAC9C,CAAC;IAED,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC;IAChC,CAAC;IAED,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CACb,wDAAwD,IAAI,+IAA+I,CAC5M,CAAC;IACJ,CAAC;IAED,OAAO;QACL,SAAS,EAAE,KAAK;QAChB,IAAI;QACJ,IAAI;QACJ,WAAW;KACZ,CAAC;AACJ,CAAC;AAED,SAAS,SAAS,CAAC,GAAW;IAC5B,MAAM,IAAI,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;IACzB,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,IAAI,GAAG,KAAK,EAAE,CAAC;QACxD,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,EAAE,CAAC,CAAC;IAClD,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,MAAM,IAAI,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAE9C,IAAI,IAAI,CAAC,SAAS,KAAK,KAAK,EAAE,CAAC;QAC7B,MAAM,YAAY,CAAC,IAAI,CAAC,CAAC;QACzB,OAAO;IACT,CAAC;IAED,MAAM,cAAc,EAAE,CAAC;AACzB,CAAC;AAED,KAAK,UAAU,cAAc;IAC3B,MAAM,MAAM,GAAG,WAAW,EAAE,CAAC;IAC7B,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,GAAG,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IAEzD,MAAM,QAAQ,GAAG,KAAK,EAAE,MAAc,EAAE,EAAE;QACxC,GAAG,CAAC,IAAI,CAAC,oBAAoB,MAAM,EAAE,CAAC,CAAC;QACvC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;YAC7B,IAAI,OAAO;gBAAE,MAAM,YAAY,CAAC,KAAK,EAAE,CAAC;QAC1C,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,GAAG,CAAC,IAAI,CAAC,uBAAuB,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC1D,CAAC;QACD,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,KAAK,EAAE,CAAC;QACvB,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,GAAG,CAAC,IAAI,CAAC,sBAAsB,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACzD,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC;IAEF,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE,CAAC,KAAK,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;IACpD,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,KAAK,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC;IACtD,2BAA2B,EAAE,CAAC;AAChC,CAAC;AAED,KAAK,UAAU,YAAY,CAAC,IAAa;IACvC,MAAM,OAAO,GAAG,IAAI,GAAG,EAAqB,CAAC;IAC7C,oEAAoE;IACpE,gEAAgE;IAChE,mEAAmE;IACnE,oEAAoE;IACpE,gEAAgE;IAChE,oEAAoE;IACpE,oDAAoD;IACpD,MAAM,kBAAkB,GAAG,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACrD,MAAM,YAAY,GAAG,kBAAkB,CAAC,CAAC,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,EAAU,CAAC;IACtG,MAAM,cAAc,GAAG,kBAAkB,CAAC,CAAC,CAAC,mBAAmB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,EAAU,CAAC;IAC1G,MAAM,UAAU,GAAG,YAAY,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QAC3C,KAAK,gBAAgB,CAAC;YACpB,GAAG;YACH,GAAG;YACH,OAAO;YACP,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,kBAAkB;YAClB,YAAY;YACZ,cAAc;SACf,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,MAAM,MAAM,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;IAC/B,GAAG,CAAC,IAAI,CAAC,4BAA4B,EAAE;QACrC,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,GAAG,EAAE,UAAU,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,MAAM;QAC3C,WAAW,EAAE,IAAI,CAAC,WAAW;KAC9B,CAAC,CAAC;IACH,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC/B,GAAG,CAAC,IAAI,CACN,qIAAqI,EACrI,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CACrC,CAAC;IACJ,CAAC;IAED,qEAAqE;IACrE,kEAAkE;IAClE,kEAAkE;IAClE,iCAAiC;IACjC,MAAM,QAAQ,GAAG,KAAK,EAAE,MAAc,EAAE,EAAE;QACxC,GAAG,CAAC,IAAI,CAAC,oBAAoB,MAAM,EAAE,CAAC,CAAC;QACvC,MAAM,eAAe,CAAC,OAAO,CAAC,CAAC;QAC/B,MAAM,eAAe,CAAC,UAAU,CAAC,CAAC;QAClC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;YAC7B,IAAI,OAAO;gBAAE,MAAM,YAAY,CAAC,KAAK,EAAE,CAAC;QAC1C,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,GAAG,CAAC,IAAI,CAAC,uBAAuB,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC;IAEF,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE,CAAC,KAAK,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;IACpD,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,KAAK,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC;IACtD,2BAA2B,EAAE,CAAC;AAChC,CAAC;AAED,SAAS,2BAA2B;IAClC,OAAO,CAAC,EAAE,CAAC,mBAAmB,EAAE,CAAC,GAAG,EAAE,EAAE;QACtC,GAAG,CAAC,KAAK,CAAC,mBAAmB,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;IAC3E,CAAC,CAAC,CAAC;IACH,OAAO,CAAC,EAAE,CAAC,oBAAoB,EAAE,CAAC,MAAM,EAAE,EAAE;QAC1C,GAAG,CAAC,KAAK,CAAC,oBAAoB,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,gBAAgB,CAAC,EAC9B,GAAG,EACH,GAAG,EACH,OAAO,EACP,IAAI,EACJ,IAAI,EACJ,kBAAkB,EAClB,YAAY,EACZ,cAAc,GAUf;IACC,IAAI,CAAC;QACH,+DAA+D;QAC/D,iEAAiE;QACjE,mEAAmE;QACnE,kEAAkE;QAClE,IAAI,kBAAkB,EAAE,CAAC;YACvB,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC;YACpC,IAAI,CAAC,UAAU,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;gBACjD,GAAG,CAAC,IAAI,CAAC,mDAAmD,EAAE;oBAC5D,IAAI,EAAE,UAAU;oBAChB,QAAQ,EAAE,IAAI;iBACf,CAAC,CAAC;gBACH,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,aAAa,CAAC,CAAC;gBACrC,OAAO;YACT,CAAC;YACD,+DAA+D;YAC/D,sDAAsD;YACtD,2DAA2D;YAC3D,4DAA4D;YAC5D,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC;YACxC,IAAI,YAAY,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;gBACtD,GAAG,CAAC,IAAI,CAAC,qDAAqD,EAAE,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC,CAAC;gBAC1F,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,aAAa,CAAC,CAAC;gBACrC,OAAO;YACT,CAAC;QACH,CAAC;QAED,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE,UAAU,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,GAAG,IAAI,IAAI,IAAI,EAAE,EAAE,CAAC,CAAC;QAEvF,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,IAAI,GAAG,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;YACpD,MAAM,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,CAAC;YAC3C,OAAO;QACT,CAAC;QAED,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,EAAE,CAAC;YAC1D,MAAM,gBAAgB,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;YAC5F,OAAO;QACT,CAAC;QAED,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,aAAa,CAAC,CAAC;IACvC,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,GAAG,CAAC,KAAK,CAAC,oBAAoB,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACtD,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;YACrB,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,yBAAyB,CAAC,CAAC;QACnD,CAAC;aAAM,CAAC;YACN,GAAG,CAAC,GAAG,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;AACH,CAAC;AAED,uEAAuE;AACvE,yEAAyE;AACzE,iEAAiE;AACjE,SAAS,iBAAiB,CAAC,QAAgB,EAAE,IAAY;IACvD,MAAM,KAAK,GAAG,IAAI,GAAG,CAAS;QAC5B,GAAG,QAAQ,IAAI,IAAI,EAAE;QACrB,aAAa,IAAI,EAAE;QACnB,aAAa,IAAI,EAAE;QACnB,SAAS,IAAI,EAAE;KAChB,CAAC,CAAC;IACH,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,mBAAmB,CAAC,QAAgB,EAAE,IAAY;IACzD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;IAClC,KAAK,MAAM,QAAQ,IAAI,iBAAiB,CAAC,QAAQ,EAAE,IAAI,CAAC,EAAE,CAAC;QACzD,OAAO,CAAC,GAAG,CAAC,UAAU,QAAQ,EAAE,CAAC,CAAC;QAClC,OAAO,CAAC,GAAG,CAAC,WAAW,QAAQ,EAAE,CAAC,CAAC;IACrC,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,KAAK,UAAU,kBAAkB,CAAC,EAChC,GAAG,EACH,OAAO,GAIR;IACC,MAAM,SAAS,GAAG,IAAI,kBAAkB,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;IAC3D,MAAM,MAAM,GAAG,WAAW,EAAE,CAAC;IAE7B,SAAS,CAAC,OAAO,GAAG,GAAG,EAAE;QACvB,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAChD,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACpC,KAAK,MAAM,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;YACtC,GAAG,CAAC,IAAI,CAAC,yCAAyC,EAAE,EAAE,SAAS,EAAE,SAAS,CAAC,SAAS,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC5G,CAAC,CAAC,CAAC;IACL,CAAC,CAAC;IACF,SAAS,CAAC,OAAO,GAAG,CAAC,CAAC,EAAE,EAAE;QACxB,GAAG,CAAC,IAAI,CAAC,qBAAqB,EAAE,EAAE,SAAS,EAAE,SAAS,CAAC,SAAS,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IACxF,CAAC,CAAC;IAEF,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAC;IACxD,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,GAAG,CAAC,IAAI,CAAC,sBAAsB,EAAE,EAAE,SAAS,EAAE,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC;AACvE,CAAC;AAED,KAAK,UAAU,gBAAgB,CAAC,EAC9B,GAAG,EACH,GAAG,EACH,OAAO,EACP,SAAS,GAMV;IACC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,qBAAqB,CAAC,CAAC;QAC7C,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACtC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,qBAAqB,CAAC,CAAC;QAC7C,OAAO;IACT,CAAC;IAED,MAAM,MAAM,CAAC,SAAS,CAAC,iBAAiB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;AACrD,CAAC;AAED,KAAK,UAAU,MAAM,CAAC,MAAkB,EAAE,IAAa;IACrD,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC1C,MAAM,OAAO,GAAG,CAAC,CAAQ,EAAE,EAAE;YAC3B,MAAM,CAAC,GAAG,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;YACrC,MAAM,CAAC,CAAC,CAAC,CAAC;QACZ,CAAC,CAAC;QACF,MAAM,WAAW,GAAG,GAAG,EAAE;YACvB,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAC7B,OAAO,EAAE,CAAC;QACZ,CAAC,CAAC;QACF,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC9B,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;QACtC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,eAAe,CAAC,MAAkB;IAC/C,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC1C,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;YACjB,IAAI,CAAC,EAAE,CAAC;gBACN,MAAM,CAAC,CAAC,CAAC,CAAC;gBACV,OAAO;YACT,CAAC;YACD,OAAO,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAU,EAAE,EAAE;QACtB,GAAG,CAAC,IAAI,CAAC,2BAA2B,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,eAAe,CAAC,OAA+B;IAC5D,MAAM,OAAO,GAAG,CAAC,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC;IACvC,OAAO,CAAC,KAAK,EAAE,CAAC;IAEhB,MAAM,OAAO,CAAC,GAAG,CACf,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC,EAAE,EAAE;QACxC,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;QACjC,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,GAAG,CAAC,IAAI,CAAC,6BAA6B,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC3E,CAAC;QACD,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;QAC9B,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,GAAG,CAAC,IAAI,CAAC,0BAA0B,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACxE,CAAC;IACH,CAAC,CAAC,CACH,CAAC;AACJ,CAAC;AAED,SAAS,WAAW,CAAC,GAAmB,EAAE,UAAkB,EAAE,IAAY;IACxE,GAAG,CAAC,SAAS,CAAC,UAAU,EAAE,EAAE,cAAc,EAAE,2BAA2B,EAAE,CAAC,CAAC;IAC3E,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAChB,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,GAAG,CAAC,KAAK,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,CAAC;IAC9D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/server.js

@@ -0,0 +1,27 @@
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { registerSessionTools } from "./tools/session.js";
+import { registerNavTools } from "./tools/nav.js";
+import { registerSourceTools } from "./tools/source.js";
+import { registerBreakpointTools } from "./tools/breakpoints.js";
+import { registerExecutionTools } from "./tools/execution.js";
+import { registerInspectTools } from "./tools/inspect.js";
+import { registerConsoleTools } from "./tools/console.js";
+import { registerNetworkTools } from "./tools/network.js";
+import { registerDomTools } from "./tools/dom.js";
+export function buildServer() {
+    const server = new McpServer({
+        name: "cdp-mcp",
+        version: "0.1.0",
+    });
+    registerSessionTools(server);
+    registerNavTools(server);
+    registerSourceTools(server);
+    registerBreakpointTools(server);
+    registerExecutionTools(server);
+    registerInspectTools(server);
+    registerConsoleTools(server);
+    registerNetworkTools(server);
+    registerDomTools(server);
+    return server;
+}
+//# sourceMappingURL=server.js.map

package/dist/server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,uBAAuB,EAAE,MAAM,wBAAwB,CAAC;AACjE,OAAO,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAC;AAC9D,OAAO,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AAC1D,OAAO,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AAC1D,OAAO,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAElD,MAAM,UAAU,WAAW;IACzB,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;QAC3B,IAAI,EAAE,SAAS;QACf,OAAO,EAAE,OAAO;KACjB,CAAC,CAAC;IAEH,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAC7B,gBAAgB,CAAC,MAAM,CAAC,CAAC;IACzB,mBAAmB,CAAC,MAAM,CAAC,CAAC;IAC5B,uBAAuB,CAAC,MAAM,CAAC,CAAC;IAChC,sBAAsB,CAAC,MAAM,CAAC,CAAC;IAC/B,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAC7B,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAC7B,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAC7B,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAEzB,OAAO,MAAM,CAAC;AAChB,CAAC"}