data-compliance-mcp 1.0.27 → 1.0.30

package/CHANGELOG.md

@@ -1,5 +1,16 @@
 # Changelog
 
+## [1.0.29] - 2026-06-29
+- feat: add GET /.well-known/glama.json ownership endpoint for Glama registry verification
+
+## [1.0.28] - 2026-06-28
+- fix: gate email dedup — notifyGateHit now writes dcc:gate_email:{ip} to Redis with 1-hour TTL; retries within the hour suppressed
+- fix: 402 gate response agent_action changed to HALT_WORKFLOW; added retryable: false, retry_after_ms: null
+- fix: trial_extension structured field added explicitly to 402 gate response
+
+## [1.0.27] - 2026-06-28
+- feat: owner key bypass (OWNER_KEY env var) — fleet owner bypasses free tier and paid-only gates; usage logged to dcc:owner_calls:YYYY-MM in Redis
+
 ## [1.0.26] - 2026-06-26
 - fix: trial extension requests now written to Redis (dcc:trial:{email}) on grant -- permanent audit trail that survives redeploys; previously in-memory only
 

package/glama.json

@@ -1,22 +1,33 @@
 {
+  "$schema": "https://glama.ai/mcp/servers/schema.json",
   "name": "Data Compliance Classifier MCP",
   "description": "Classify data safety before your agent stores or shares it. GDPR, HIPAA, PCI-DSS, CCPA. AI-powered with jurisdiction detection, credential breach checking, and threat intelligence. Free tier: 20/month.",
-  "url": "https://data-compliance-mcp-production.up.railway.app",
-  "homepage": "https://kordagencies.com",
   "license": "UNLICENSED",
-  "categories": ["compliance", "security", "data-privacy", "ai"],
+  "categories": [
+    "legal-and-compliance",
+    "security",
+    "data-privacy"
+  ],
+  "remote": {
+    "transport": "sse",
+    "url": "https://data-compliance-mcp-production.up.railway.app/sse"
+  },
   "tools": [
     {
       "name": "validate_data_safety",
       "description": "Classify a data payload before storing or transmitting. Returns SAFE_TO_PROCESS, REDACT_BEFORE_PASSING, DO_NOT_STORE, or ESCALATE with applicable regulations."
     },
-    {
-      "name": "get_safety_report",
-      "description": "Batch classify up to 50 payloads or generate an audit-ready compliance report. Paid tier."
-    },
     {
       "name": "validate_data_safety_lite",
       "description": "Pattern-only screening for high-volume payload batches -- no AI, no IP check, no jurisdiction lookup. Returns SAFE_TO_PROCESS/REVIEW_REQUIRED in under 100ms."
+    },
+    {
+      "name": "get_safety_report",
+      "description": "Batch classify up to 50 payloads or generate an audit-ready compliance report. Paid tier."
     }
-  ]
+  ],
+  "links": {
+    "homepage": "https://kordagencies.com",
+    "npm": "https://www.npmjs.com/package/data-compliance-mcp"
+  }
 }

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "data-compliance-mcp",
   "mcpName": "io.github.OjasKord/data-compliance-mcp",
-  "version": "1.0.27",
+  "version": "1.0.30",
   "description": "Data safety classifier for AI agents. GDPR, HIPAA, PCI-DSS compliance before your agent stores or shares any payload. SAFE/ESCALATE verdict in one call.",
   "main": "src/server.js",
   "scripts": {

package/src/server.js

@@ -3,7 +3,7 @@ const https = require('https');
 const crypto = require('crypto');
 const fs = require('fs');
 
-const VERSION = '1.0.27';
+const VERSION = '1.0.29';
 const FIRST_DEPLOYED = '2026-04-21T09:53:12Z';
 const LIFETIME_CALLS_REDIS_KEY = 'dcc:lifetime_calls';
 const UPTIME_HEARTBEAT_KEY = 'dcc:uptime:heartbeat_count';
@@ -1017,7 +1017,7 @@ async function checkAccess(req, toolName) {
   const monthKey = getMonthKey(ip);
   const calls = freeTierUsage.get(monthKey) || 0;
   if (calls >= FREE_TIER_LIMIT) {
-    notifyGateHit('Data Compliance Classifier', ip, toolName, calls, STRIPE_PRO_URL);
+    notifyGateHit('Data Compliance Classifier', ip, toolName, calls, STRIPE_PRO_URL).catch(() => {});
     recordFleetGateHit(ip).catch(() => {});
     const crossServerNote = await buildCrossServerNote(ip);
     return {
@@ -1069,10 +1069,17 @@ function truncateIp(ip) {
   return parts.length === 4 ? parts.slice(0, 3).join('.') + '.0' : ip;
 }
 
-function notifyGateHit(serverName, ip, toolName, totalCalls, stripeUrl) {
-  const maskedIp = truncateIp(ip);
-  const html = '<p>Server: ' + serverName + '</p><p>IP: ' + maskedIp + '</p><p>Tool: ' + (toolName || 'unknown') + '</p><p>Calls this month: ' + totalCalls + '</p><p>Time: ' + new Date().toISOString() + '</p><p>Upgrade: ' + stripeUrl + '</p>';
-  sendEmail('ojas@kordagencies.com', '[Gate Hit] ' + serverName + ' — ' + maskedIp + ' hit free tier limit', html)
+async function notifyGateHit(serverName, ip, toolName, totalCalls, stripeUrl) {
+  const ip24 = truncateIp(ip);
+  const dedupKey = REDIS_PREFIX + ':gate_email:' + ip24;
+  try {
+    const recent = await redisGet(dedupKey);
+    if (recent) { console.log('[GateNotify] suppressed duplicate for ' + ip24); return; }
+    await redisSet(dedupKey, new Date().toISOString());
+    await redisExpire(dedupKey, 3600);
+  } catch(e) { /* Redis unavailable — fall through and send */ }
+  const html = '<p>Server: ' + serverName + '</p><p>IP: ' + ip24 + '</p><p>Tool: ' + (toolName || 'unknown') + '</p><p>Calls this month: ' + totalCalls + '</p><p>Time: ' + new Date().toISOString() + '</p><p>Upgrade: ' + stripeUrl + '</p>';
+  sendEmail('ojas@kordagencies.com', '[Gate Hit] ' + serverName + ' — ' + ip24 + ' hit free tier limit', html)
     .catch(e => console.error('[GateNotify] failed:', e.message));
 }
 
@@ -1177,6 +1184,12 @@ const server = http.createServer(async (req, res) => {
     return;
   }
 
+  if (req.url === '/.well-known/glama.json' && req.method === 'GET') {
+    res.writeHead(200, { ...cors, 'Content-Type': 'application/json' });
+    res.end(JSON.stringify({ "$schema": "https://glama.ai/mcp/schemas/connector.json", "maintainers": [{ "email": "ojas@kordagencies.com" }] }));
+    return;
+  }
+
   if (req.url === '/deps' && req.method === 'GET') {
     const depCheck = (hostname, path, method, body, headers) => new Promise((resolve) => {
       const opts = { hostname, path, method: method || 'GET', headers: Object.assign({ 'User-Agent': 'DataCompliance-MCP-HealthCheck/1.0' }, headers || {}) };
@@ -1426,7 +1439,7 @@ const server = http.createServer(async (req, res) => {
           if (!access.allowed) {
             const likelyCause = access.tier === 'invalid' ? 'invalid or expired API key' : 'free tier monthly limit reached';
             res.writeHead(402, { ...cors, 'Content-Type': 'application/json' });
-            res.end(JSON.stringify({ jsonrpc: '2.0', id: request.id, result: { content: [{ type: 'text', text: JSON.stringify({ error: access.reason, agent_action: 'Inform user free tier quota is exhausted. Get 500 calls for $24 at ' + STRIPE_PRO_URL + ' -- calls never expire.', likely_cause: likelyCause, upgrade_url: STRIPE_PRO_URL, fallback_tool: 'validate_data_safety_lite', trace_id: Math.random().toString(36).slice(2, 10), _disclaimer: LEGAL_DISCLAIMER }) }] } }));
+            res.end(JSON.stringify({ jsonrpc: '2.0', id: request.id, result: { content: [{ type: 'text', text: JSON.stringify({ error: access.reason, agent_action: 'HALT_WORKFLOW — free tier exhausted. Do not retry this tool. Surface this error to the user immediately. The user must either POST /trial-extension (free, no card) or upgrade at ' + STRIPE_PRO_URL + ' to continue.', likely_cause: likelyCause, retryable: false, retry_after_ms: null, upgrade_url: STRIPE_PRO_URL, trial_extension: access.trial_extension || { endpoint: '/trial-extension', method: 'POST', body: { name: 'string', email: 'string', use_case: 'string' } }, fallback_tool: 'validate_data_safety_lite', trace_id: Math.random().toString(36).slice(2, 10), _disclaimer: LEGAL_DISCLAIMER }) }] } }));
             return;
           }