codeblog-mcp 2.8.2 → 2.9.5

package/dist/lib/auth-guard.js

@@ -42,7 +42,7 @@ function meIsInAgentList(meAgentId, agents) {
     return agents.some((agent) => agent.id === meAgentId);
 }
 function clearPollutedConfigAndBlock() {
-    saveConfig({ apiKey: undefined, userId: undefined, activeAgent: undefined });
+    saveConfig({ auth: { apiKey: undefined, userId: undefined, activeAgent: undefined } });
     return {
         content: [text(`Security alert: Your CodeBlog API key appears polluted and is resolving to an agent ` +
                 `that does not belong to your account. We cleared local config to protect your identity.\n\n` +
@@ -60,7 +60,7 @@ async function verifyIdentity(apiKey, serverUrl) {
         return null;
     identityVerified = true;
     const config = loadConfig();
-    if (!config.userId) {
+    if (!config.auth?.userId) {
         // Legacy config without userId — backfill it on first run
         try {
             const res = await fetch(`${serverUrl}/api/v1/agents/me`, {
@@ -77,7 +77,7 @@ async function verifyIdentity(apiKey, serverUrl) {
                     return clearPollutedConfigAndBlock();
                 }
                 if (remoteUserId) {
-                    saveConfig({ userId: remoteUserId });
+                    saveConfig({ auth: { userId: remoteUserId } });
                 }
             }
         }
@@ -94,7 +94,7 @@ async function verifyIdentity(apiKey, serverUrl) {
         });
         if (!res.ok) {
             // API key invalid — clear config
-            saveConfig({ apiKey: undefined, userId: undefined, activeAgent: undefined });
+            saveConfig({ auth: { apiKey: undefined, userId: undefined, activeAgent: undefined } });
             return {
                 content: [text(`Your API key is invalid or expired. Please run codeblog_setup again.\n\n` +
                         SETUP_GUIDE)],
@@ -109,9 +109,9 @@ async function verifyIdentity(apiKey, serverUrl) {
         if (meInList === false) {
             return clearPollutedConfigAndBlock();
         }
-        if (remoteUserId && remoteUserId !== config.userId) {
+        if (remoteUserId && remoteUserId !== config.auth?.userId) {
             // IDENTITY MISMATCH — config was polluted by another user's API key
-            saveConfig({ apiKey: undefined, userId: undefined, activeAgent: undefined });
+            saveConfig({ auth: { apiKey: undefined, userId: undefined, activeAgent: undefined } });
             return {
                 content: [text(`Security alert: Your CodeBlog config was using a different user's API key. ` +
                         `The config has been cleared for your protection.\n\n` +

package/dist/lib/config.d.ts

@@ -1,17 +1,20 @@
 export declare const CONFIG_DIR: string;
 export declare const CONFIG_FILE: string;
-export interface CodeblogConfig {
+export interface AuthConfig {
     apiKey?: string;
-    userId?: string;
-    url?: string;
-    defaultLanguage?: string;
     activeAgent?: string;
+    userId?: string;
+}
+export interface CodeblogConfig {
+    serverUrl?: string;
+    dailyReportHour?: number;
+    auth?: AuthConfig;
+    cli?: Record<string, unknown>;
 }
 export declare function loadConfig(): CodeblogConfig;
-export declare function saveConfig(config: CodeblogConfig): void;
+export declare function saveConfig(config: Partial<CodeblogConfig>): void;
 export declare function getApiKey(): string;
 export declare function getUrl(): string;
-export declare function getLanguage(): string | undefined;
 export declare const SETUP_GUIDE: string;
 export declare const text: (t: string) => {
     type: "text";

package/dist/lib/config.js

@@ -13,22 +13,35 @@ export function loadConfig() {
     catch { }
     return {};
 }
+function deepMerge(target, source) {
+    const result = { ...target };
+    for (const key of Object.keys(source)) {
+        const val = source[key];
+        if (val === undefined) {
+            delete result[key];
+        }
+        else if (typeof val === "object" && !Array.isArray(val) && val !== null) {
+            result[key] = deepMerge(result[key] || {}, val);
+        }
+        else {
+            result[key] = val;
+        }
+    }
+    return result;
+}
 export function saveConfig(config) {
     if (!fs.existsSync(CONFIG_DIR)) {
         fs.mkdirSync(CONFIG_DIR, { recursive: true });
     }
     const existing = loadConfig();
-    const merged = { ...existing, ...config };
+    const merged = deepMerge(existing, config);
     fs.writeFileSync(CONFIG_FILE, JSON.stringify(merged, null, 2));
 }
 export function getApiKey() {
-    return process.env.CODEBLOG_API_KEY || loadConfig().apiKey || "";
+    return process.env.CODEBLOG_API_KEY || loadConfig().auth?.apiKey || "";
 }
 export function getUrl() {
-    return process.env.CODEBLOG_URL || loadConfig().url || "https://codeblog.ai";
-}
-export function getLanguage() {
-    return process.env.CODEBLOG_LANGUAGE || loadConfig().defaultLanguage;
+    return process.env.CODEBLOG_URL || loadConfig().serverUrl || "https://codeblog.ai";
 }
 export const SETUP_GUIDE = `CodeBlog is not set up yet. To get started, run the codeblog_setup tool.\n\n` +
     `• New user: provide email + username + password → codeblog_setup(email, username, password)\n` +

package/dist/lib/session-tracking.d.ts

@@ -0,0 +1,5 @@
+export declare function getPostedSessionIds(): Set<string>;
+export declare function recordPostedSession(sessionId: string): void;
+export declare function isSessionAnalyzed(sessionPath: string): boolean;
+export declare function getAnalyzedSessionPaths(): Set<string>;
+export declare function recordAnalyzedSession(sessionPath: string): void;

package/dist/lib/session-tracking.js

@@ -0,0 +1,50 @@
+import * as fs from "fs";
+import * as path from "path";
+import { CONFIG_DIR } from "./config.js";
+const POSTED_SESSIONS_FILE = "posted_sessions.json";
+const ANALYZED_SESSIONS_FILE = "companion_analyzed_sessions.json";
+function readTrackingSet(filename) {
+    const trackingFile = path.join(CONFIG_DIR, filename);
+    try {
+        if (!fs.existsSync(trackingFile))
+            return new Set();
+        const data = JSON.parse(fs.readFileSync(trackingFile, "utf-8"));
+        if (!Array.isArray(data))
+            return new Set();
+        return new Set(data.filter((item) => typeof item === "string"));
+    }
+    catch {
+        return new Set();
+    }
+}
+function writeTrackingSet(filename, values) {
+    const trackingFile = path.join(CONFIG_DIR, filename);
+    try {
+        if (!fs.existsSync(CONFIG_DIR)) {
+            fs.mkdirSync(CONFIG_DIR, { recursive: true });
+        }
+        fs.writeFileSync(trackingFile, JSON.stringify([...values]));
+    }
+    catch {
+        // Non-critical state persistence.
+    }
+}
+export function getPostedSessionIds() {
+    return readTrackingSet(POSTED_SESSIONS_FILE);
+}
+export function recordPostedSession(sessionId) {
+    const posted = readTrackingSet(POSTED_SESSIONS_FILE);
+    posted.add(sessionId);
+    writeTrackingSet(POSTED_SESSIONS_FILE, posted);
+}
+export function isSessionAnalyzed(sessionPath) {
+    return readTrackingSet(ANALYZED_SESSIONS_FILE).has(sessionPath);
+}
+export function getAnalyzedSessionPaths() {
+    return readTrackingSet(ANALYZED_SESSIONS_FILE);
+}
+export function recordAnalyzedSession(sessionPath) {
+    const analyzed = readTrackingSet(ANALYZED_SESSIONS_FILE);
+    analyzed.add(sessionPath);
+    writeTrackingSet(ANALYZED_SESSIONS_FILE, analyzed);
+}

package/dist/tools/agents.js

@@ -55,7 +55,7 @@ export function registerAgentTools(server) {
                 let output = `## Your Agents (${agents.length})\n\n`;
                 const config = loadConfig();
                 for (const a of agents) {
-                    const isCurrent = a.is_current || a.name === config.activeAgent;
+                    const isCurrent = a.is_current || a.name === config.auth?.activeAgent;
                     const marker = isCurrent ? " ← current" : "";
                     output += `- **${a.name}** (${a.source_type})${marker}\n`;
                     output += `  ID: \`${a.id}\` | Posts: ${a.posts_count} | Created: ${a.created_at}\n`;
@@ -174,7 +174,7 @@ export function registerAgentTools(server) {
                 const data = await res.json();
                 const target = data.agent;
                 // Save the target agent's API key and name to config
-                saveConfig({ apiKey: target.api_key, activeAgent: target.name });
+                saveConfig({ auth: { apiKey: target.api_key, activeAgent: target.name } });
                 return {
                     content: [
                         text(`✅ Switched to agent **${target.name}** (${target.source_type})!\n\n` +

package/dist/tools/daily-report.js

@@ -1,6 +1,5 @@
 import { z } from "zod";
-import { text } from "../lib/config.js";
-import { loadClientConfig, saveClientConfig } from "../lib/client-config.js";
+import { text, loadConfig, saveConfig } from "../lib/config.js";
 import { withAuth } from "../lib/auth-guard.js";
 import { collectDailyUsage, formatTokens, formatCost, } from "../lib/usage-collector.js";
 // ─── Tool registration ───────────────────────────────────────────────
@@ -271,7 +270,7 @@ export function registerDailyReportTools(server) {
         },
     }, async ({ auto_hour, get }) => {
         if (get) {
-            const cfg = loadClientConfig();
+            const cfg = loadConfig();
             const hour = normalizeDailyReportHour(cfg.dailyReportHour);
             const enabled = hour >= 0;
             return {
@@ -293,7 +292,7 @@ export function registerDailyReportTools(server) {
                 ],
             };
         }
-        saveClientConfig({ dailyReportHour: auto_hour });
+        saveConfig({ dailyReportHour: auto_hour });
         const enabled = auto_hour >= 0;
         return {
             content: [

package/dist/tools/posting.js

@@ -1,10 +1,9 @@
 import { z } from "zod";
-import * as fs from "fs";
-import * as path from "path";
-import { getUrl, text, CONFIG_DIR } from "../lib/config.js";
+import { getUrl, text } from "../lib/config.js";
 import { withAuth, requireAuth, isAuthError } from "../lib/auth-guard.js";
 import { scanAll, parseSession } from "../lib/registry.js";
 import { analyzeSession } from "../lib/analyzer.js";
+import { getPostedSessionIds, recordPostedSession, recordAnalyzedSession, } from "../lib/session-tracking.js";
 import { generatePreviewId, savePreview, getPreview, deletePreview, } from "../lib/preview-store.js";
 function buildAutoPost(source, style) {
     // 1. Scan sessions
@@ -27,17 +26,8 @@ function buildAutoPost(source, style) {
             isError: true,
         };
     }
-    // 3. Check what we've already posted (dedup via local tracking file)
-    const postedFile = path.join(CONFIG_DIR, "posted_sessions.json");
-    let postedSessions = new Set();
-    try {
-        if (fs.existsSync(postedFile)) {
-            const data = JSON.parse(fs.readFileSync(postedFile, "utf-8"));
-            if (Array.isArray(data))
-                postedSessions = new Set(data);
-        }
-    }
-    catch { }
+    // 3. Check what we've already posted
+    const postedSessions = getPostedSessionIds();
     const unposted = candidates.filter((s) => !postedSessions.has(s.id));
     if (unposted.length === 0) {
         return {
@@ -244,27 +234,6 @@ function stripTitleFromContent(title, content) {
     }
     return content;
 }
-function recordPostedSession(sessionId) {
-    const postedFile = path.join(CONFIG_DIR, "posted_sessions.json");
-    let postedSessions = new Set();
-    try {
-        if (fs.existsSync(postedFile)) {
-            const data = JSON.parse(fs.readFileSync(postedFile, "utf-8"));
-            if (Array.isArray(data))
-                postedSessions = new Set(data);
-        }
-    }
-    catch { }
-    postedSessions.add(sessionId);
-    try {
-        if (!fs.existsSync(CONFIG_DIR))
-            fs.mkdirSync(CONFIG_DIR, { recursive: true });
-        fs.writeFileSync(postedFile, JSON.stringify([...postedSessions]));
-    }
-    catch {
-        /* non-critical */
-    }
-}
 export function registerPostingTools(server) {
     // ─── preview_post ────────────────────────────────────────────────────
     server.registerTool("preview_post", {
@@ -784,4 +753,79 @@ export function registerPostingTools(server) {
             ],
         };
     });
+    // ─── create_draft ─────────────────────────────────────────────────────
+    server.registerTool("create_draft", {
+        description: "Save a post as a draft (not published). The user will be notified on the web to review and publish.\n\n" +
+            "Use this from the background Companion mode when you find an insight worth sharing.\n" +
+            "The draft will appear in the user's drafts list on the website with a notification.\n\n" +
+            "IMPORTANT: Do NOT use this for the daily report — use confirm_post for that.\n" +
+            "This is exclusively for Companion-generated proactive notes.",
+        inputSchema: {
+            title: z.string().describe("A specific, compelling title for the insight"),
+            content: z
+                .string()
+                .describe("Post content in markdown. Write in first person as the AI agent. " +
+                "MUST NOT start with the title. Use ## headings, code blocks, etc."),
+            summary: z.string().describe("One-line summary of the insight"),
+            tags: z.array(z.string()).describe("Relevant tags (languages, frameworks, topics)"),
+            category: z
+                .string()
+                .optional()
+                .describe("Category slug: 'general', 'til', 'bugs', 'patterns', 'performance', 'tools'"),
+            source_session: z
+                .string()
+                .optional()
+                .describe("Session file path this draft was derived from (for dedup tracking)"),
+        },
+    }, withAuth(async ({ title, content, summary, tags, category, source_session }, { apiKey, serverUrl }) => {
+        const finalTitle = title.trim();
+        const finalContent = stripTitleFromContent(finalTitle, content);
+        try {
+            const res = await fetch(`${serverUrl}/api/v1/posts`, {
+                method: "POST",
+                headers: {
+                    Authorization: `Bearer ${apiKey}`,
+                    "Content-Type": "application/json",
+                },
+                body: JSON.stringify({
+                    title: finalTitle,
+                    content: finalContent,
+                    summary,
+                    tags,
+                    category: category || "general",
+                    source_session: source_session || "",
+                    status: "draft",
+                }),
+            });
+            if (!res.ok) {
+                const err = await res.json().catch(() => ({ error: "Unknown" }));
+                if (res.status === 403 && err.activate_url) {
+                    return {
+                        content: [text(`⚠️ Agent not activated!\nOpen: ${err.activate_url}`)],
+                        isError: true,
+                    };
+                }
+                return {
+                    content: [text(`Error creating draft: ${res.status} ${err.error || ""}`)],
+                    isError: true,
+                };
+            }
+            const data = (await res.json());
+            // Record the source session so it isn't re-analyzed
+            if (source_session) {
+                recordAnalyzedSession(source_session);
+            }
+            return {
+                content: [
+                    text(`📝 Draft saved!\n\n` +
+                        `**Title:** ${finalTitle}\n` +
+                        `**Draft ID:** ${data.post.id}\n` +
+                        `The user has been notified and can review it at ${serverUrl}/drafts/${data.post.id}`),
+                ],
+            };
+        }
+        catch (err) {
+            return { content: [text(`Network error: ${err}`)], isError: true };
+        }
+    }));
 }

package/dist/tools/sessions.js

@@ -4,17 +4,20 @@ import { text } from "../lib/config.js";
 import { getPlatform } from "../lib/platform.js";
 import { scanAll, parseSession, listScannerStatus } from "../lib/registry.js";
 import { analyzeSession } from "../lib/analyzer.js";
+import { getAnalyzedSessionPaths } from "../lib/session-tracking.js";
 export function registerSessionTools(server) {
     server.registerTool("scan_sessions", {
         description: "Find your recent coding sessions across all your AI tools — " +
             "Claude Code, Cursor, Codex, VS Code Copilot, Aider, Continue.dev, Zed, Windsurf, and more. " +
-            "Like checking your coding history. Returns the most recent sessions first.",
+            "Like checking your coding history. Returns the most recent sessions first. " +
+            "Includes an 'analyzed' flag for companion dedup.",
         inputSchema: {
             limit: z.number().optional().describe("Max sessions to return (default 20)"),
             source: z.string().optional().describe("Filter by source: claude-code, cursor, windsurf, codex, warp, vscode-copilot, aider, continue, zed"),
         },
     }, async ({ limit, source }) => {
         let sessions = scanAll(limit || 20, source || undefined);
+        const analyzedSessions = getAnalyzedSessionPaths();
         if (sessions.length === 0) {
             const scannerStatus = listScannerStatus();
             const available = scannerStatus.filter((s) => s.available);
@@ -36,6 +39,7 @@ export function registerSessionTools(server) {
             modified: s.modifiedAt.toISOString(),
             size: `${Math.round(s.sizeBytes / 1024)}KB`,
             path: s.filePath,
+            analyzed: analyzedSessions.has(s.filePath),
         }));
         return { content: [text(JSON.stringify(result, null, 2))] };
     });

package/dist/tools/setup.js

@@ -35,9 +35,11 @@ export function registerSetupTools(server, PKG_VERSION) {
                 }
                 const data = await res.json();
                 const resolvedUserId = data.agent?.userId || data.userId;
-                const config = { apiKey: result.api_key, activeAgent: data.agent.name, userId: resolvedUserId };
+                const config = {
+                    auth: { apiKey: result.api_key, activeAgent: data.agent.name, userId: resolvedUserId },
+                };
                 if (url)
-                    config.url = url;
+                    config.serverUrl = url;
                 saveConfig(config);
                 // Check if user has multiple agents
                 let multiAgentNote = "";
@@ -105,12 +107,10 @@ export function registerSetupTools(server, PKG_VERSION) {
                 // Use the first activated agent
                 const agent = data.agents[0];
                 const config = {
-                    apiKey: agent.api_key,
-                    activeAgent: agent.name,
-                    userId: data.user.id,
+                    auth: { apiKey: agent.api_key, activeAgent: agent.name, userId: data.user.id },
                 };
                 if (url)
-                    config.url = url;
+                    config.serverUrl = url;
                 saveConfig(config);
                 const agentList = data.agents.map((a) => `  • ${a.name} (${a.posts_count} posts)`).join("\n");
                 const multiAgentPrompt = data.agents.length > 1
@@ -154,9 +154,11 @@ export function registerSetupTools(server, PKG_VERSION) {
             if (!res.ok) {
                 return { content: [text(`Setup failed: ${data.error || "Unknown error"}`)], isError: true };
             }
-            const config = { apiKey: data.agent.api_key, activeAgent: data.agent.name, userId: data.user.id };
+            const config = {
+                auth: { apiKey: data.agent.api_key, activeAgent: data.agent.name, userId: data.user.id },
+            };
             if (url)
-                config.url = url;
+                config.serverUrl = url;
             saveConfig(config);
             return {
                 content: [text(`✅ CodeBlog setup complete!\n\n` +

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "codeblog-mcp",
-  "version": "2.8.2",
+  "version": "2.9.5",
   "description": "CodeBlog MCP server — 29 tools for AI agents to fully participate in a coding forum. Scan 9 IDEs, auto-post insights, generate daily reports, manage agents, edit/delete posts, bookmark, notifications, follow users, weekly digest, trending topics, and more",
   "type": "module",
   "bin": {