crosscheck-mcp 0.1.15 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/node-stdio.cjs +81 -26
- package/dist/node-stdio.cjs.map +1 -1
- package/dist/node-stdio.js +64 -9
- package/dist/node-stdio.js.map +1 -1
- package/dist/pricing.json +6 -4
- package/package.json +1 -1
package/dist/node-stdio.js
CHANGED
|
@@ -1096,6 +1096,59 @@ function roundTo(x, n) {
|
|
|
1096
1096
|
return Number(x.toFixed(n));
|
|
1097
1097
|
}
|
|
1098
1098
|
|
|
1099
|
+
// src/core/license.ts
|
|
1100
|
+
init_esm_shims();
|
|
1101
|
+
import crypto from "crypto";
|
|
1102
|
+
var EMBEDDED_PUBLIC_KEY_PEM = `-----BEGIN PUBLIC KEY-----
|
|
1103
|
+
MCowBQYDK2VwAyEA4zpZT92Hj6POb3orlxJVzsPJVp9+zIajq2Mcvex3fbk=
|
|
1104
|
+
-----END PUBLIC KEY-----`;
|
|
1105
|
+
function fromB64url(s) {
|
|
1106
|
+
const pad = s.length % 4 === 0 ? "" : "=".repeat(4 - s.length % 4);
|
|
1107
|
+
return Buffer.from(s.replace(/-/g, "+").replace(/_/g, "/") + pad, "base64");
|
|
1108
|
+
}
|
|
1109
|
+
function licenseEnforced() {
|
|
1110
|
+
return String(true) === "true";
|
|
1111
|
+
}
|
|
1112
|
+
function verifyLicense(jwt) {
|
|
1113
|
+
if (!jwt) return { ok: false, reason: "missing" };
|
|
1114
|
+
const [body, sig] = jwt.split(".");
|
|
1115
|
+
if (!body || !sig) return { ok: false, reason: "malformed" };
|
|
1116
|
+
try {
|
|
1117
|
+
const pub = crypto.createPublicKey(EMBEDDED_PUBLIC_KEY_PEM);
|
|
1118
|
+
if (!crypto.verify(null, Buffer.from(body), pub, fromB64url(sig))) {
|
|
1119
|
+
return { ok: false, reason: "bad_signature" };
|
|
1120
|
+
}
|
|
1121
|
+
} catch {
|
|
1122
|
+
return { ok: false, reason: "verify_error" };
|
|
1123
|
+
}
|
|
1124
|
+
try {
|
|
1125
|
+
const parsed = JSON.parse(fromB64url(body).toString("utf8"));
|
|
1126
|
+
if (typeof parsed.exp !== "number" || Date.now() > parsed.exp) {
|
|
1127
|
+
return { ok: false, reason: "expired" };
|
|
1128
|
+
}
|
|
1129
|
+
} catch {
|
|
1130
|
+
return { ok: false, reason: "bad_json" };
|
|
1131
|
+
}
|
|
1132
|
+
return { ok: true };
|
|
1133
|
+
}
|
|
1134
|
+
function enforceLicenseOrExit() {
|
|
1135
|
+
if (!licenseEnforced()) return;
|
|
1136
|
+
const result = verifyLicense(process.env["CROSSCHECK_LICENSE_JWT"]);
|
|
1137
|
+
if (!result.ok) {
|
|
1138
|
+
process.stderr.write(
|
|
1139
|
+
`crosscheck: no valid activation (license ${result.reason}).
|
|
1140
|
+
This engine is licensed and must be run through the crosscheck CLI on an
|
|
1141
|
+
active subscription. Install it with:
|
|
1142
|
+
|
|
1143
|
+
npx -y crosscheck-cli@latest install
|
|
1144
|
+
|
|
1145
|
+
Details + pricing: https://www.crosscheckagent.com
|
|
1146
|
+
`
|
|
1147
|
+
);
|
|
1148
|
+
process.exit(1);
|
|
1149
|
+
}
|
|
1150
|
+
}
|
|
1151
|
+
|
|
1099
1152
|
// src/providers/registry.ts
|
|
1100
1153
|
init_esm_shims();
|
|
1101
1154
|
|
|
@@ -1125,7 +1178,7 @@ var PROVIDER_CAPS = {
|
|
|
1125
1178
|
family: "gemini",
|
|
1126
1179
|
system_role: "separate",
|
|
1127
1180
|
supports_temperature: true,
|
|
1128
|
-
reasoning_prefixes: ["gemini-2.5-pro"]
|
|
1181
|
+
reasoning_prefixes: ["gemini-3.1-pro", "gemini-3.5-flash", "gemini-2.5-pro"]
|
|
1129
1182
|
}
|
|
1130
1183
|
};
|
|
1131
1184
|
function isReasoningModel(provider, model) {
|
|
@@ -1598,7 +1651,8 @@ function parseGeminiResponse(opts) {
|
|
|
1598
1651
|
const u = r["usageMetadata"] ?? {};
|
|
1599
1652
|
const prompt = Math.trunc(Number(u["promptTokenCount"] ?? 0)) || 0;
|
|
1600
1653
|
const cached = Math.trunc(Number(u["cachedContentTokenCount"] ?? 0)) || 0;
|
|
1601
|
-
const
|
|
1654
|
+
const thoughts = Math.trunc(Number(u["thoughtsTokenCount"] ?? 0)) || 0;
|
|
1655
|
+
const completion = (Math.trunc(Number(u["candidatesTokenCount"] ?? 0)) || 0) + thoughts;
|
|
1602
1656
|
const total = Math.trunc(Number(u["totalTokenCount"] ?? 0)) || 0;
|
|
1603
1657
|
const usage = {
|
|
1604
1658
|
provider: "gemini",
|
|
@@ -1872,7 +1926,7 @@ var DEFAULT_MODELS = {
|
|
|
1872
1926
|
mistral: "mistral-large-latest",
|
|
1873
1927
|
groq: "llama-3.3-70b-versatile",
|
|
1874
1928
|
deepseek: "deepseek-chat",
|
|
1875
|
-
gemini: "gemini-
|
|
1929
|
+
gemini: "gemini-3.1-pro-preview"
|
|
1876
1930
|
};
|
|
1877
1931
|
function buildProviders(opts) {
|
|
1878
1932
|
const out = {};
|
|
@@ -2071,7 +2125,7 @@ Reasoning upgrade (Fable 5):
|
|
|
2071
2125
|
Spend visibility:
|
|
2072
2126
|
- Every reasoning-tool result carries a "run_summary" whose pre-rendered "text" block already includes a "spend by model (this call)" breakdown. Show that block \u2014 do not bury the cost.
|
|
2073
2127
|
- "run_summary" also carries "session_by_model" + "session_cost_usd" (per-model spend for the whole session). At the END of a multi-turn task, present the session spend per model plus the aggregate total, so the user knows what the task cost without scrolling back.
|
|
2074
|
-
- Fable 5
|
|
2128
|
+
- Fable 5 is priced at $10 per million input tokens and $50 per million output tokens; the per-call and session spend already reflect this.`;
|
|
2075
2129
|
}
|
|
2076
2130
|
|
|
2077
2131
|
// src/tools/index.ts
|
|
@@ -12167,7 +12221,7 @@ var CHECK_INTERVAL_SECONDS = 3 * 24 * 60 * 60;
|
|
|
12167
12221
|
var DEFAULT_PACKAGE = "crosscheck-cli";
|
|
12168
12222
|
var FETCH_TIMEOUT_MS = 3e3;
|
|
12169
12223
|
function engineVersion() {
|
|
12170
|
-
return true ? "0.1
|
|
12224
|
+
return true ? "0.2.1" : "0.0.0-dev";
|
|
12171
12225
|
}
|
|
12172
12226
|
function defaultUpdateCachePath() {
|
|
12173
12227
|
const base = process.env["CROSSCHECK_DATA_DIR"] || path10.join(os.homedir() || os.tmpdir(), ".crosscheck");
|
|
@@ -13529,7 +13583,7 @@ function attachUpdateNotice(result, toolName, opts) {
|
|
|
13529
13583
|
|
|
13530
13584
|
// src/core/telemetry.ts
|
|
13531
13585
|
init_esm_shims();
|
|
13532
|
-
import
|
|
13586
|
+
import crypto2 from "crypto";
|
|
13533
13587
|
var UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
|
|
13534
13588
|
var BATCH_MAX = 100;
|
|
13535
13589
|
var FLUSH_BATCH_AT = 25;
|
|
@@ -13577,7 +13631,7 @@ function canonicalEventBody(e) {
|
|
|
13577
13631
|
].join("|");
|
|
13578
13632
|
}
|
|
13579
13633
|
function signEvent(seatSigningKey, e) {
|
|
13580
|
-
return
|
|
13634
|
+
return crypto2.createHmac("sha256", seatSigningKey).update(canonicalEventBody(e)).digest("hex");
|
|
13581
13635
|
}
|
|
13582
13636
|
var configResolved = false;
|
|
13583
13637
|
var config = null;
|
|
@@ -13642,7 +13696,7 @@ function scheduleFlush() {
|
|
|
13642
13696
|
}
|
|
13643
13697
|
function enqueue(cfg, input) {
|
|
13644
13698
|
const base = {
|
|
13645
|
-
eventId:
|
|
13699
|
+
eventId: crypto2.randomUUID(),
|
|
13646
13700
|
seatId: cfg.seatId,
|
|
13647
13701
|
orgId: cfg.orgId,
|
|
13648
13702
|
ts: (/* @__PURE__ */ new Date()).toISOString(),
|
|
@@ -13714,7 +13768,7 @@ async function flush() {
|
|
|
13714
13768
|
|
|
13715
13769
|
// src/server.ts
|
|
13716
13770
|
var SERVER_NAME = "crosscheck-agent";
|
|
13717
|
-
var SERVER_VERSION = true ? "0.1
|
|
13771
|
+
var SERVER_VERSION = true ? "0.2.1" : "0.0.0-dev";
|
|
13718
13772
|
function extractRunSummaryText(out) {
|
|
13719
13773
|
if (out === null || typeof out !== "object" || Array.isArray(out)) return void 0;
|
|
13720
13774
|
const rs = out["run_summary"];
|
|
@@ -14055,6 +14109,7 @@ function loadConfigFile(opts) {
|
|
|
14055
14109
|
// src/entrypoints/node-stdio.ts
|
|
14056
14110
|
var SHUTDOWN_TIMEOUT_MS = 2e3;
|
|
14057
14111
|
async function main() {
|
|
14112
|
+
enforceLicenseOrExit();
|
|
14058
14113
|
const cfgDataDir = process.env["CROSSCHECK_DATA_DIR"] || path14.join(process.env["HOME"] ?? process.env["USERPROFILE"] ?? "", ".crosscheck");
|
|
14059
14114
|
const configFile = loadConfigFile({
|
|
14060
14115
|
startDir: process.cwd(),
|