delimit-cli 3.6.6 → 3.6.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/bin/delimit-setup.js +23 -4
  2. package/gateway/requirements.txt +6 -0
  3. package/package.json +1 -1
package/bin/delimit-setup.js CHANGED
@@ -98,13 +98,32 @@ async function main() {
98
98
  fs.copyFileSync(serverSource, path.join(DELIMIT_HOME, 'server', 'mcp-server.py'));
99
99
  }
100
100
 
101
- // Install Python deps
101
+ // Install Python deps into isolated venv with pinned versions
102
102
  log(` ${dim(' Installing Python dependencies...')}`);
103
+ const venvDir = path.join(DELIMIT_HOME, 'venv');
104
+ const reqFile = path.join(DELIMIT_HOME, 'server', 'requirements.txt');
103
105
  try {
104
- execSync(`${python} -m pip install --quiet fastmcp pyyaml pydantic packaging 2>/dev/null`, { stdio: 'pipe' });
105
- log(` ${green('✓')} Python dependencies installed`);
106
+ if (!fs.existsSync(venvDir)) {
107
+ execSync(`${python} -m venv "${venvDir}"`, { stdio: 'pipe' });
108
+ }
109
+ const venvPython = path.join(venvDir, 'bin', 'python');
110
+ const venvPythonWin = path.join(venvDir, 'Scripts', 'python.exe');
111
+ const venvPy = fs.existsSync(venvPython) ? venvPython : venvPythonWin;
112
+ if (fs.existsSync(reqFile)) {
113
+ execSync(`"${venvPy}" -m pip install --quiet -r "${reqFile}" 2>/dev/null`, { stdio: 'pipe' });
114
+ } else {
115
+ execSync(`"${venvPy}" -m pip install --quiet fastmcp==3.1.0 pyyaml==6.0.3 pydantic==2.12.5 packaging==26.0 2>/dev/null`, { stdio: 'pipe' });
116
+ }
117
+ python = venvPy; // Use venv python for MCP config
118
+ log(` ${green('✓')} Python dependencies installed (isolated venv)`);
106
119
  } catch {
107
- log(` ${yellow('!')} pip install failed — run manually: pip install fastmcp pyyaml pydantic packaging`);
120
+ log(` ${yellow('!')} venv install failed — trying global pip`);
121
+ try {
122
+ execSync(`${python} -m pip install --quiet fastmcp==3.1.0 pyyaml==6.0.3 pydantic==2.12.5 packaging==26.0 2>/dev/null`, { stdio: 'pipe' });
123
+ log(` ${green('✓')} Python dependencies installed (global)`);
124
+ } catch {
125
+ log(` ${yellow('!')} pip install failed — run manually: pip install fastmcp pyyaml pydantic packaging`);
126
+ }
108
127
  }
109
128
 
110
129
  // Step 3: Configure Claude Code MCP
package/gateway/requirements.txt ADDED
@@ -0,0 +1,6 @@
1
+ # Delimit MCP server dependencies — pinned for supply chain security
2
+ # Update these when upgrading deps, then re-publish npm package
3
+ fastmcp==3.1.0
4
+ pyyaml==6.0.3
5
+ pydantic==2.12.5
6
+ packaging==26.0
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "delimit-cli",
3
- "version": "3.6.6",
3
+ "version": "3.6.7",
4
4
  "description": "Catch breaking API changes before they ship. GitHub Action + CLI for OpenAPI specs.",
5
5
  "main": "index.js",
6
6
  "files": [