depguard-cli 1.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +190 -0
- package/README.md +213 -0
- package/dist/advisor.d.ts +13 -0
- package/dist/advisor.d.ts.map +1 -0
- package/dist/advisor.js +68 -0
- package/dist/advisor.js.map +1 -0
- package/dist/audit.d.ts +7 -0
- package/dist/audit.d.ts.map +1 -0
- package/dist/audit.js +86 -0
- package/dist/audit.js.map +1 -0
- package/dist/cli.d.ts +3 -0
- package/dist/cli.d.ts.map +1 -0
- package/dist/cli.js +148 -0
- package/dist/cli.js.map +1 -0
- package/dist/index.d.ts +10 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +8 -0
- package/dist/index.js.map +1 -0
- package/dist/license.d.ts +11 -0
- package/dist/license.d.ts.map +1 -0
- package/dist/license.js +133 -0
- package/dist/license.js.map +1 -0
- package/dist/mcp.d.ts +11 -0
- package/dist/mcp.d.ts.map +1 -0
- package/dist/mcp.js +179 -0
- package/dist/mcp.js.map +1 -0
- package/dist/registry.d.ts +12 -0
- package/dist/registry.d.ts.map +1 -0
- package/dist/registry.js +109 -0
- package/dist/registry.js.map +1 -0
- package/dist/scorer.d.ts +11 -0
- package/dist/scorer.d.ts.map +1 -0
- package/dist/scorer.js +92 -0
- package/dist/scorer.js.map +1 -0
- package/dist/search.d.ts +7 -0
- package/dist/search.d.ts.map +1 -0
- package/dist/search.js +22 -0
- package/dist/search.js.map +1 -0
- package/dist/tokens.d.ts +34 -0
- package/dist/tokens.d.ts.map +1 -0
- package/dist/tokens.js +105 -0
- package/dist/tokens.js.map +1 -0
- package/dist/types.d.ts +168 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +2 -0
- package/dist/types.js.map +1 -0
- package/package.json +57 -0
package/dist/cli.js
ADDED
|
@@ -0,0 +1,148 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
import { parseArgs } from 'node:util';
|
|
3
|
+
import { audit } from './audit.js';
|
|
4
|
+
import { search } from './search.js';
|
|
5
|
+
import { score } from './scorer.js';
|
|
6
|
+
import { shouldUse } from './advisor.js';
|
|
7
|
+
const { values, positionals } = parseArgs({
|
|
8
|
+
allowPositionals: true,
|
|
9
|
+
options: {
|
|
10
|
+
'target-license': { type: 'string', default: 'MIT' },
|
|
11
|
+
'threshold': { type: 'string', default: '60' },
|
|
12
|
+
'limit': { type: 'string', default: '10' },
|
|
13
|
+
'json': { type: 'boolean', default: false },
|
|
14
|
+
'mcp': { type: 'boolean', default: false },
|
|
15
|
+
'help': { type: 'boolean', short: 'h', default: false },
|
|
16
|
+
},
|
|
17
|
+
});
|
|
18
|
+
// Launch MCP server when --mcp flag is passed
|
|
19
|
+
if (values.mcp) {
|
|
20
|
+
void import('./mcp.js');
|
|
21
|
+
}
|
|
22
|
+
else {
|
|
23
|
+
const command = positionals[0];
|
|
24
|
+
if (values.help || !command) {
|
|
25
|
+
console.log(`
|
|
26
|
+
depguard — Audit npm packages for security, maintenance, and license compatibility
|
|
27
|
+
|
|
28
|
+
Usage:
|
|
29
|
+
depguard <command> <args> [options]
|
|
30
|
+
|
|
31
|
+
Commands:
|
|
32
|
+
audit <package> Full audit report for a package
|
|
33
|
+
search <keywords...> Search npm for packages by keywords
|
|
34
|
+
score <package> Score a package 0-100
|
|
35
|
+
should-use <intent...> Recommend install vs write-from-scratch
|
|
36
|
+
|
|
37
|
+
Options:
|
|
38
|
+
--target-license <id> Target project license (default: MIT)
|
|
39
|
+
--threshold <n> Score threshold for should-use (default: 60)
|
|
40
|
+
--limit <n> Max results for search (default: 10)
|
|
41
|
+
--json Output as JSON
|
|
42
|
+
--mcp Start MCP server (JSON-RPC over stdio)
|
|
43
|
+
-h, --help Show this help
|
|
44
|
+
`);
|
|
45
|
+
process.exit(0);
|
|
46
|
+
}
|
|
47
|
+
function output(data, json) {
|
|
48
|
+
if (json) {
|
|
49
|
+
console.log(JSON.stringify(data, null, 2));
|
|
50
|
+
}
|
|
51
|
+
else if (typeof data === 'object' && data !== null) {
|
|
52
|
+
printFormatted(data);
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
function printFormatted(obj, indent = 0) {
|
|
56
|
+
const pad = ' '.repeat(indent);
|
|
57
|
+
for (const [key, val] of Object.entries(obj)) {
|
|
58
|
+
if (Array.isArray(val)) {
|
|
59
|
+
if (val.length === 0) {
|
|
60
|
+
console.log(`${pad}${key}: (none)`);
|
|
61
|
+
}
|
|
62
|
+
else if (typeof val[0] === 'object') {
|
|
63
|
+
console.log(`${pad}${key}:`);
|
|
64
|
+
for (const item of val) {
|
|
65
|
+
printFormatted(item, indent + 1);
|
|
66
|
+
console.log();
|
|
67
|
+
}
|
|
68
|
+
}
|
|
69
|
+
else {
|
|
70
|
+
console.log(`${pad}${key}: ${val.join(', ')}`);
|
|
71
|
+
}
|
|
72
|
+
}
|
|
73
|
+
else if (typeof val === 'object' && val !== null) {
|
|
74
|
+
console.log(`${pad}${key}:`);
|
|
75
|
+
printFormatted(val, indent + 1);
|
|
76
|
+
}
|
|
77
|
+
else {
|
|
78
|
+
console.log(`${pad}${key}: ${val}`);
|
|
79
|
+
}
|
|
80
|
+
}
|
|
81
|
+
}
|
|
82
|
+
async function main() {
|
|
83
|
+
const targetLicense = values['target-license'] ?? 'MIT';
|
|
84
|
+
const json = values.json ?? false;
|
|
85
|
+
const limit = parseInt(values.limit ?? '10', 10);
|
|
86
|
+
const threshold = parseInt(values.threshold ?? '60', 10);
|
|
87
|
+
switch (command) {
|
|
88
|
+
case 'audit': {
|
|
89
|
+
const name = positionals[1];
|
|
90
|
+
if (!name) {
|
|
91
|
+
console.error('Usage: depguard audit <package>');
|
|
92
|
+
process.exit(1);
|
|
93
|
+
}
|
|
94
|
+
const report = await audit(name, targetLicense);
|
|
95
|
+
output(report, json);
|
|
96
|
+
break;
|
|
97
|
+
}
|
|
98
|
+
case 'search': {
|
|
99
|
+
const keywords = positionals.slice(1).join(' ');
|
|
100
|
+
if (!keywords) {
|
|
101
|
+
console.error('Usage: depguard search <keywords...>');
|
|
102
|
+
process.exit(1);
|
|
103
|
+
}
|
|
104
|
+
const results = await search(keywords, { limit });
|
|
105
|
+
if (json) {
|
|
106
|
+
output(results, true);
|
|
107
|
+
}
|
|
108
|
+
else {
|
|
109
|
+
for (const entry of results) {
|
|
110
|
+
console.log(` ${String(entry.score).padStart(3)}/100 ${entry.name}@${entry.version}`);
|
|
111
|
+
if (entry.description)
|
|
112
|
+
console.log(` ${entry.description}`);
|
|
113
|
+
console.log();
|
|
114
|
+
}
|
|
115
|
+
}
|
|
116
|
+
break;
|
|
117
|
+
}
|
|
118
|
+
case 'score': {
|
|
119
|
+
const name = positionals[1];
|
|
120
|
+
if (!name) {
|
|
121
|
+
console.error('Usage: depguard score <package>');
|
|
122
|
+
process.exit(1);
|
|
123
|
+
}
|
|
124
|
+
const result = await score(name, { targetLicense });
|
|
125
|
+
output(result, json);
|
|
126
|
+
break;
|
|
127
|
+
}
|
|
128
|
+
case 'should-use': {
|
|
129
|
+
const intent = positionals.slice(1).join(' ');
|
|
130
|
+
if (!intent) {
|
|
131
|
+
console.error('Usage: depguard should-use <intent...>');
|
|
132
|
+
process.exit(1);
|
|
133
|
+
}
|
|
134
|
+
const rec = await shouldUse(intent, { threshold, targetLicense, limit: 5 });
|
|
135
|
+
output(rec, json);
|
|
136
|
+
break;
|
|
137
|
+
}
|
|
138
|
+
default:
|
|
139
|
+
console.error(`Unknown command: ${command}. Use: audit, search, score, should-use`);
|
|
140
|
+
process.exit(1);
|
|
141
|
+
}
|
|
142
|
+
}
|
|
143
|
+
main().catch(err => {
|
|
144
|
+
console.error(err.message);
|
|
145
|
+
process.exit(1);
|
|
146
|
+
});
|
|
147
|
+
} // end else --mcp
|
|
148
|
+
//# sourceMappingURL=cli.js.map
|
package/dist/cli.js.map
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAA;AACrC,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAA;AAClC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAA;AACnC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AAExC,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,GAAG,SAAS,CAAC;IACxC,gBAAgB,EAAE,IAAI;IACtB,OAAO,EAAE;QACP,gBAAgB,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE;QACpD,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE;QAC9C,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE;QAC1C,MAAM,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,KAAK,EAAE;QAC3C,KAAK,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,KAAK,EAAE;QAC1C,MAAM,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE;KACxD;CACF,CAAC,CAAA;AAEF,8CAA8C;AAC9C,IAAI,MAAM,CAAC,GAAG,EAAE,CAAC;IACf,KAAK,MAAM,CAAC,UAAU,CAAC,CAAA;AACzB,CAAC;KAAM,CAAC;IAER,MAAM,OAAO,GAAG,WAAW,CAAC,CAAC,CAAC,CAAA;IAE9B,IAAI,MAAM,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;CAmBb,CAAC,CAAA;QACA,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC;IAED,SAAS,MAAM,CAAC,IAAa,EAAE,IAAa;QAC1C,IAAI,IAAI,EAAE,CAAC;YACT,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;QAC5C,CAAC;aAAM,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;YACrD,cAAc,CAAC,IAA+B,CAAC,CAAA;QACjD,CAAC;IACH,CAAC;IAED,SAAS,cAAc,CAAC,GAA4B,EAAE,MAAM,GAAG,CAAC;QAC9D,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;QAC/B,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7C,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;gBACvB,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBACrB,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,GAAG,UAAU,CAAC,CAAA;gBACrC,CAAC;qBAAM,IAAI,OAAO,GAAG,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;oBACtC,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,GAAG,GAAG,CAAC,CAAA;oBAC5B,KAAK,MAAM,IAAI,IAAI,GAAG,EAAE,CAAC;wBACvB,cAAc,CAAC,IAA+B,EAAE,MAAM,GAAG,CAAC,CAAC,CAAA;wBAC3D,OAAO,CAAC,GAAG,EAAE,CAAA;oBACf,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,GAAG,KAAK,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;gBAChD,CAAC;YACH,CAAC;iBAAM,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;gBACnD,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,GAAG,GAAG,CAAC,CAAA;gBAC5B,cAAc,CAAC,GAA8B,EAAE,MAAM,GAAG,CAAC,CAAC,CAAA;YAC5D,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,GAAG,KAAK,GAAG,EAAE,CAAC,CAAA;YACrC,CAAC;QACH,CAAC;IACH,CAAC;IAED,KAAK,UAAU,IAAI;QACjB,MAAM,aAAa,GAAG,MAAM,CAAC,gBAAgB,CAAC,IAAI,KAAK,CAAA;QACvD,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,KAAK,CAAA;QACjC,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,KAAK,IAAI,IAAI,EAAE,EAAE,CAAC,CAAA;QAChD,MAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,SAAS,IAAI,IAAI,EAAE,EAAE,CAAC,CAAA;QAExD,QAAQ,OAAO,EAAE,CAAC;YAChB,KAAK,OAAO,CAAC,CAAC,CAAC;gBACb,MAAM,IAAI,GAAG,WAAW,CAAC,CAAC,CAAC,CAAA;gBAC3B,IAAI,CAAC,IAAI,EAAE,CAAC;oBACV,OAAO,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAA;oBAChD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;gBACjB,CAAC;gBACD,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,IAAI,EAAE,aAAa,CAAC,CAAA;gBAC/C,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAA;gBACpB,MAAK;YACP,CAAC;YAED,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,MAAM,QAAQ,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;gBAC/C,IAAI,CAAC,QAAQ,EAAE,CAAC;oBACd,OAAO,CAAC,KAAK,CAAC,sCAAsC,CAAC,CAAA;oBACrD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;gBACjB,CAAC;gBACD,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,QAAQ,EAAE,EAAE,KAAK,EAAE,CAAC,CAAA;gBACjD,IAAI,IAAI,EAAE,CAAC;oBACT,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBACvB,CAAC;qBAAM,CAAC;oBACN,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;wBAC5B,OAAO,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC,CAAA;wBACvF,IAAI,KAAK,CAAC,WAAW;4BAAE,OAAO,CAAC,GAAG,CAAC,YAAY,KAAK,CAAC,WAAW,EAAE,CAAC,CAAA;wBACnE,OAAO,CAAC,GAAG,EAAE,CAAA;oBACf,CAAC;gBACH,CAAC;gBACD,MAAK;YACP,CAAC;YAED,KAAK,OAAO,CAAC,CAAC,CAAC;gBACb,MAAM,IAAI,GAAG,WAAW,CAAC,CAAC,CAAC,CAAA;gBAC3B,IAAI,CAAC,IAAI,EAAE,CAAC;oBACV,OAAO,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAA;oBAChD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;gBACjB,CAAC;gBACD,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,IAAI,EAAE,EAAE,aAAa,EAAE,CAAC,CAAA;gBACnD,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAA;gBACpB,MAAK;YACP,CAAC;YAED,KAAK,YAAY,CAAC,CAAC,CAAC;gBAClB,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;gBAC7C,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,OAAO,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAA;oBACvD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;gBACjB,CAAC;gBACD,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAA;gBAC3E,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;gBACjB,MAAK;YACP,CAAC;YAED;gBACE,OAAO,CAAC,KAAK,CAAC,oBAAoB,OAAO,yCAAyC,CAAC,CAAA;gBACnF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;QACnB,CAAC;IACH,CAAC;IAED,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;QACjB,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QAC1B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC,CAAC,CAAA;AACF,CAAC,CAAC,iBAAiB"}
|
package/dist/index.d.ts
ADDED
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
export { audit } from './audit.js';
|
|
2
|
+
export { search } from './search.js';
|
|
3
|
+
export { score } from './scorer.js';
|
|
4
|
+
export { shouldUse } from './advisor.js';
|
|
5
|
+
export { checkLicenseCompatibility, knownLicenses } from './license.js';
|
|
6
|
+
export { clearCache } from './registry.js';
|
|
7
|
+
export { calculateSavings, estimateTokens } from './tokens.js';
|
|
8
|
+
export type { AdvisorOptions, AuditReport, CacheEntry, FetchFn, LicenseCompatibility, NpmAdvisory, NpmDownloadsResponse, NpmPackageData, NpmSearchResult, NpmVersionData, Recommendation, ScoreResult, ScoreWeights, SearchEntry, SearchOptions, VulnerabilitySummary, } from './types.js';
|
|
9
|
+
export type { TokenSavings } from './tokens.js';
|
|
10
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAA;AAClC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAA;AACnC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AACxC,OAAO,EAAE,yBAAyB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AACvE,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAC1C,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAC9D,YAAY,EACV,cAAc,EACd,WAAW,EACX,UAAU,EACV,OAAO,EACP,oBAAoB,EACpB,WAAW,EACX,oBAAoB,EACpB,cAAc,EACd,eAAe,EACf,cAAc,EACd,cAAc,EACd,WAAW,EACX,YAAY,EACZ,WAAW,EACX,aAAa,EACb,oBAAoB,GACrB,MAAM,YAAY,CAAA;AACnB,YAAY,EAAE,YAAY,EAAE,MAAM,aAAa,CAAA"}
|
package/dist/index.js
ADDED
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
export { audit } from './audit.js';
|
|
2
|
+
export { search } from './search.js';
|
|
3
|
+
export { score } from './scorer.js';
|
|
4
|
+
export { shouldUse } from './advisor.js';
|
|
5
|
+
export { checkLicenseCompatibility, knownLicenses } from './license.js';
|
|
6
|
+
export { clearCache } from './registry.js';
|
|
7
|
+
export { calculateSavings, estimateTokens } from './tokens.js';
|
|
8
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAA;AAClC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAA;AACnC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AACxC,OAAO,EAAE,yBAAyB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AACvE,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAC1C,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import type { LicenseCompatibility } from './types.js';
|
|
2
|
+
/**
|
|
3
|
+
* Check if a dependency's license is compatible with the project's target license.
|
|
4
|
+
*
|
|
5
|
+
* Rule: a dependency can be used if its license is equally or more permissive
|
|
6
|
+
* than the target. Strong copyleft (GPL) deps cannot be used in permissive projects.
|
|
7
|
+
*/
|
|
8
|
+
export declare function checkLicenseCompatibility(depLicense: string | null | undefined, targetLicense: string): LicenseCompatibility;
|
|
9
|
+
/** Get all known license identifiers */
|
|
10
|
+
export declare function knownLicenses(): string[];
|
|
11
|
+
//# sourceMappingURL=license.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"license.d.ts","sourceRoot":"","sources":["../src/license.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAA;AA+EtD;;;;;GAKG;AACH,wBAAgB,yBAAyB,CACvC,UAAU,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,EACrC,aAAa,EAAE,MAAM,GACpB,oBAAoB,CA2DtB;AAED,wCAAwC;AACxC,wBAAgB,aAAa,IAAI,MAAM,EAAE,CAExC"}
|
package/dist/license.js
ADDED
|
@@ -0,0 +1,133 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* License categories from most to least permissive.
|
|
3
|
+
* Permissive licenses are compatible with everything at their level or above.
|
|
4
|
+
*/
|
|
5
|
+
const LICENSE_CATEGORIES = {
|
|
6
|
+
// Public domain / ultra-permissive
|
|
7
|
+
'Unlicense': 0,
|
|
8
|
+
'CC0-1.0': 0,
|
|
9
|
+
'0BSD': 0,
|
|
10
|
+
// Permissive
|
|
11
|
+
'MIT': 1,
|
|
12
|
+
'ISC': 1,
|
|
13
|
+
'BSD-2-Clause': 1,
|
|
14
|
+
'BSD-3-Clause': 1,
|
|
15
|
+
'Apache-2.0': 1,
|
|
16
|
+
'Zlib': 1,
|
|
17
|
+
// Weak copyleft
|
|
18
|
+
'LGPL-2.1': 2,
|
|
19
|
+
'LGPL-2.1-only': 2,
|
|
20
|
+
'LGPL-2.1-or-later': 2,
|
|
21
|
+
'LGPL-3.0': 2,
|
|
22
|
+
'LGPL-3.0-only': 2,
|
|
23
|
+
'LGPL-3.0-or-later': 2,
|
|
24
|
+
'MPL-2.0': 2,
|
|
25
|
+
'EPL-2.0': 2,
|
|
26
|
+
// Strong copyleft
|
|
27
|
+
'GPL-2.0': 3,
|
|
28
|
+
'GPL-2.0-only': 3,
|
|
29
|
+
'GPL-2.0-or-later': 3,
|
|
30
|
+
'GPL-3.0': 3,
|
|
31
|
+
'GPL-3.0-only': 3,
|
|
32
|
+
'GPL-3.0-or-later': 3,
|
|
33
|
+
// Network copyleft
|
|
34
|
+
'AGPL-3.0': 4,
|
|
35
|
+
'AGPL-3.0-only': 4,
|
|
36
|
+
'AGPL-3.0-or-later': 4,
|
|
37
|
+
};
|
|
38
|
+
/** Normalize common license strings to SPDX identifiers */
|
|
39
|
+
function normalizeLicense(raw) {
|
|
40
|
+
const trimmed = raw.trim();
|
|
41
|
+
const aliases = {
|
|
42
|
+
'MIT': 'MIT',
|
|
43
|
+
'ISC': 'ISC',
|
|
44
|
+
'BSD': 'BSD-2-Clause',
|
|
45
|
+
'BSD-2': 'BSD-2-Clause',
|
|
46
|
+
'BSD-3': 'BSD-3-Clause',
|
|
47
|
+
'Apache 2.0': 'Apache-2.0',
|
|
48
|
+
'Apache2': 'Apache-2.0',
|
|
49
|
+
'Apache-2': 'Apache-2.0',
|
|
50
|
+
'GPL-2': 'GPL-2.0',
|
|
51
|
+
'GPL-3': 'GPL-3.0',
|
|
52
|
+
'LGPL-2': 'LGPL-2.1',
|
|
53
|
+
'LGPL-3': 'LGPL-3.0',
|
|
54
|
+
'AGPL-3': 'AGPL-3.0',
|
|
55
|
+
'MPL 2.0': 'MPL-2.0',
|
|
56
|
+
'Unlicense': 'Unlicense',
|
|
57
|
+
'UNLICENSED': 'UNLICENSED',
|
|
58
|
+
};
|
|
59
|
+
// Try direct match first (case-sensitive for SPDX)
|
|
60
|
+
if (trimmed in LICENSE_CATEGORIES)
|
|
61
|
+
return trimmed;
|
|
62
|
+
// Try case-insensitive alias match
|
|
63
|
+
const upper = trimmed.toUpperCase();
|
|
64
|
+
for (const [alias, spdx] of Object.entries(aliases)) {
|
|
65
|
+
if (alias.toUpperCase() === upper)
|
|
66
|
+
return spdx;
|
|
67
|
+
}
|
|
68
|
+
return trimmed;
|
|
69
|
+
}
|
|
70
|
+
/**
|
|
71
|
+
* Check if a dependency's license is compatible with the project's target license.
|
|
72
|
+
*
|
|
73
|
+
* Rule: a dependency can be used if its license is equally or more permissive
|
|
74
|
+
* than the target. Strong copyleft (GPL) deps cannot be used in permissive projects.
|
|
75
|
+
*/
|
|
76
|
+
export function checkLicenseCompatibility(depLicense, targetLicense) {
|
|
77
|
+
if (!depLicense) {
|
|
78
|
+
return {
|
|
79
|
+
compatible: false,
|
|
80
|
+
license: null,
|
|
81
|
+
targetLicense,
|
|
82
|
+
reason: 'No license specified — cannot determine compatibility',
|
|
83
|
+
};
|
|
84
|
+
}
|
|
85
|
+
const normalizedDep = normalizeLicense(depLicense);
|
|
86
|
+
const normalizedTarget = normalizeLicense(targetLicense);
|
|
87
|
+
if (normalizedDep === 'UNLICENSED') {
|
|
88
|
+
return {
|
|
89
|
+
compatible: false,
|
|
90
|
+
license: normalizedDep,
|
|
91
|
+
targetLicense: normalizedTarget,
|
|
92
|
+
reason: 'Package is UNLICENSED — not safe for any project',
|
|
93
|
+
};
|
|
94
|
+
}
|
|
95
|
+
const depCategory = LICENSE_CATEGORIES[normalizedDep];
|
|
96
|
+
const targetCategory = LICENSE_CATEGORIES[normalizedTarget];
|
|
97
|
+
if (depCategory === undefined) {
|
|
98
|
+
return {
|
|
99
|
+
compatible: false,
|
|
100
|
+
license: normalizedDep,
|
|
101
|
+
targetLicense: normalizedTarget,
|
|
102
|
+
reason: `Unknown license "${normalizedDep}" — manual review required`,
|
|
103
|
+
};
|
|
104
|
+
}
|
|
105
|
+
if (targetCategory === undefined) {
|
|
106
|
+
return {
|
|
107
|
+
compatible: false,
|
|
108
|
+
license: normalizedDep,
|
|
109
|
+
targetLicense: normalizedTarget,
|
|
110
|
+
reason: `Unknown target license "${normalizedTarget}" — manual review required`,
|
|
111
|
+
};
|
|
112
|
+
}
|
|
113
|
+
// Dependency must be equally or more permissive (lower or equal category)
|
|
114
|
+
if (depCategory <= targetCategory) {
|
|
115
|
+
return {
|
|
116
|
+
compatible: true,
|
|
117
|
+
license: normalizedDep,
|
|
118
|
+
targetLicense: normalizedTarget,
|
|
119
|
+
reason: `"${normalizedDep}" is compatible with "${normalizedTarget}"`,
|
|
120
|
+
};
|
|
121
|
+
}
|
|
122
|
+
return {
|
|
123
|
+
compatible: false,
|
|
124
|
+
license: normalizedDep,
|
|
125
|
+
targetLicense: normalizedTarget,
|
|
126
|
+
reason: `"${normalizedDep}" is more restrictive than "${normalizedTarget}"`,
|
|
127
|
+
};
|
|
128
|
+
}
|
|
129
|
+
/** Get all known license identifiers */
|
|
130
|
+
export function knownLicenses() {
|
|
131
|
+
return Object.keys(LICENSE_CATEGORIES);
|
|
132
|
+
}
|
|
133
|
+
//# sourceMappingURL=license.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"license.js","sourceRoot":"","sources":["../src/license.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,MAAM,kBAAkB,GAA2B;IACjD,mCAAmC;IACnC,WAAW,EAAE,CAAC;IACd,SAAS,EAAE,CAAC;IACZ,MAAM,EAAE,CAAC;IAET,aAAa;IACb,KAAK,EAAE,CAAC;IACR,KAAK,EAAE,CAAC;IACR,cAAc,EAAE,CAAC;IACjB,cAAc,EAAE,CAAC;IACjB,YAAY,EAAE,CAAC;IACf,MAAM,EAAE,CAAC;IAET,gBAAgB;IAChB,UAAU,EAAE,CAAC;IACb,eAAe,EAAE,CAAC;IAClB,mBAAmB,EAAE,CAAC;IACtB,UAAU,EAAE,CAAC;IACb,eAAe,EAAE,CAAC;IAClB,mBAAmB,EAAE,CAAC;IACtB,SAAS,EAAE,CAAC;IACZ,SAAS,EAAE,CAAC;IAEZ,kBAAkB;IAClB,SAAS,EAAE,CAAC;IACZ,cAAc,EAAE,CAAC;IACjB,kBAAkB,EAAE,CAAC;IACrB,SAAS,EAAE,CAAC;IACZ,cAAc,EAAE,CAAC;IACjB,kBAAkB,EAAE,CAAC;IAErB,mBAAmB;IACnB,UAAU,EAAE,CAAC;IACb,eAAe,EAAE,CAAC;IAClB,mBAAmB,EAAE,CAAC;CACvB,CAAA;AAED,2DAA2D;AAC3D,SAAS,gBAAgB,CAAC,GAAW;IACnC,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,EAAE,CAAA;IAE1B,MAAM,OAAO,GAA2B;QACtC,KAAK,EAAE,KAAK;QACZ,KAAK,EAAE,KAAK;QACZ,KAAK,EAAE,cAAc;QACrB,OAAO,EAAE,cAAc;QACvB,OAAO,EAAE,cAAc;QACvB,YAAY,EAAE,YAAY;QAC1B,SAAS,EAAE,YAAY;QACvB,UAAU,EAAE,YAAY;QACxB,OAAO,EAAE,SAAS;QAClB,OAAO,EAAE,SAAS;QAClB,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,SAAS;QACpB,WAAW,EAAE,WAAW;QACxB,YAAY,EAAE,YAAY;KAC3B,CAAA;IAED,mDAAmD;IACnD,IAAI,OAAO,IAAI,kBAAkB;QAAE,OAAO,OAAO,CAAA;IAEjD,mCAAmC;IACnC,MAAM,KAAK,GAAG,OAAO,CAAC,WAAW,EAAE,CAAA;IACnC,KAAK,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QACpD,IAAI,KAAK,CAAC,WAAW,EAAE,KAAK,KAAK;YAAE,OAAO,IAAI,CAAA;IAChD,CAAC;IAED,OAAO,OAAO,CAAA;AAChB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,yBAAyB,CACvC,UAAqC,EACrC,aAAqB;IAErB,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO;YACL,UAAU,EAAE,KAAK;YACjB,OAAO,EAAE,IAAI;YACb,aAAa;YACb,MAAM,EAAE,uDAAuD;SAChE,CAAA;IACH,CAAC;IAED,MAAM,aAAa,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAA;IAClD,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,aAAa,CAAC,CAAA;IAExD,IAAI,aAAa,KAAK,YAAY,EAAE,CAAC;QACnC,OAAO;YACL,UAAU,EAAE,KAAK;YACjB,OAAO,EAAE,aAAa;YACtB,aAAa,EAAE,gBAAgB;YAC/B,MAAM,EAAE,kDAAkD;SAC3D,CAAA;IACH,CAAC;IAED,MAAM,WAAW,GAAG,kBAAkB,CAAC,aAAa,CAAC,CAAA;IACrD,MAAM,cAAc,GAAG,kBAAkB,CAAC,gBAAgB,CAAC,CAAA;IAE3D,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;QAC9B,OAAO;YACL,UAAU,EAAE,KAAK;YACjB,OAAO,EAAE,aAAa;YACtB,aAAa,EAAE,gBAAgB;YAC/B,MAAM,EAAE,oBAAoB,aAAa,4BAA4B;SACtE,CAAA;IACH,CAAC;IAED,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;QACjC,OAAO;YACL,UAAU,EAAE,KAAK;YACjB,OAAO,EAAE,aAAa;YACtB,aAAa,EAAE,gBAAgB;YAC/B,MAAM,EAAE,2BAA2B,gBAAgB,4BAA4B;SAChF,CAAA;IACH,CAAC;IAED,0EAA0E;IAC1E,IAAI,WAAW,IAAI,cAAc,EAAE,CAAC;QAClC,OAAO;YACL,UAAU,EAAE,IAAI;YAChB,OAAO,EAAE,aAAa;YACtB,aAAa,EAAE,gBAAgB;YAC/B,MAAM,EAAE,IAAI,aAAa,yBAAyB,gBAAgB,GAAG;SACtE,CAAA;IACH,CAAC;IAED,OAAO;QACL,UAAU,EAAE,KAAK;QACjB,OAAO,EAAE,aAAa;QACtB,aAAa,EAAE,gBAAgB;QAC/B,MAAM,EAAE,IAAI,aAAa,+BAA+B,gBAAgB,GAAG;KAC5E,CAAA;AACH,CAAC;AAED,wCAAwC;AACxC,MAAM,UAAU,aAAa;IAC3B,OAAO,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAA;AACxC,CAAC"}
|
package/dist/mcp.d.ts
ADDED
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
/**
|
|
3
|
+
* MCP (Model Context Protocol) server for depguard.
|
|
4
|
+
*
|
|
5
|
+
* Exposes depguard functions as MCP tools over stdio transport.
|
|
6
|
+
* Protocol: JSON-RPC 2.0 over stdin/stdout (one JSON object per line).
|
|
7
|
+
*
|
|
8
|
+
* Zero dependencies — implements the MCP subset needed for tool serving.
|
|
9
|
+
*/
|
|
10
|
+
export {};
|
|
11
|
+
//# sourceMappingURL=mcp.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"mcp.d.ts","sourceRoot":"","sources":["../src/mcp.ts"],"names":[],"mappings":";AAEA;;;;;;;GAOG"}
|
package/dist/mcp.js
ADDED
|
@@ -0,0 +1,179 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
/**
|
|
3
|
+
* MCP (Model Context Protocol) server for depguard.
|
|
4
|
+
*
|
|
5
|
+
* Exposes depguard functions as MCP tools over stdio transport.
|
|
6
|
+
* Protocol: JSON-RPC 2.0 over stdin/stdout (one JSON object per line).
|
|
7
|
+
*
|
|
8
|
+
* Zero dependencies — implements the MCP subset needed for tool serving.
|
|
9
|
+
*/
|
|
10
|
+
import { audit } from './audit.js';
|
|
11
|
+
import { search } from './search.js';
|
|
12
|
+
import { score } from './scorer.js';
|
|
13
|
+
import { shouldUse } from './advisor.js';
|
|
14
|
+
import { calculateSavings } from './tokens.js';
|
|
15
|
+
const SERVER_INFO = {
|
|
16
|
+
name: 'depguard',
|
|
17
|
+
version: '1.1.1',
|
|
18
|
+
};
|
|
19
|
+
const TOOLS = [
|
|
20
|
+
{
|
|
21
|
+
name: 'depguard_audit',
|
|
22
|
+
description: 'Full security audit of an npm package: vulnerabilities, maintenance, license compatibility, dependencies, and install scripts.',
|
|
23
|
+
inputSchema: {
|
|
24
|
+
type: 'object',
|
|
25
|
+
properties: {
|
|
26
|
+
name: { type: 'string', description: 'npm package name' },
|
|
27
|
+
targetLicense: { type: 'string', description: 'Project license for compatibility check (default: MIT)' },
|
|
28
|
+
},
|
|
29
|
+
required: ['name'],
|
|
30
|
+
},
|
|
31
|
+
},
|
|
32
|
+
{
|
|
33
|
+
name: 'depguard_search',
|
|
34
|
+
description: 'Search npm for packages matching keywords, sorted by quality score.',
|
|
35
|
+
inputSchema: {
|
|
36
|
+
type: 'object',
|
|
37
|
+
properties: {
|
|
38
|
+
keywords: { type: 'string', description: 'Search keywords' },
|
|
39
|
+
limit: { type: 'number', description: 'Max results (default: 10)' },
|
|
40
|
+
minScore: { type: 'number', description: 'Minimum score filter 0-100 (default: 0)' },
|
|
41
|
+
},
|
|
42
|
+
required: ['keywords'],
|
|
43
|
+
},
|
|
44
|
+
},
|
|
45
|
+
{
|
|
46
|
+
name: 'depguard_score',
|
|
47
|
+
description: 'Score an npm package 0-100 across security, maintenance, popularity, license, and dependencies.',
|
|
48
|
+
inputSchema: {
|
|
49
|
+
type: 'object',
|
|
50
|
+
properties: {
|
|
51
|
+
name: { type: 'string', description: 'npm package name' },
|
|
52
|
+
targetLicense: { type: 'string', description: 'Project license for compatibility check (default: MIT)' },
|
|
53
|
+
},
|
|
54
|
+
required: ['name'],
|
|
55
|
+
},
|
|
56
|
+
},
|
|
57
|
+
{
|
|
58
|
+
name: 'depguard_should_use',
|
|
59
|
+
description: 'Given an intent (e.g. "date formatting"), search packages, audit top candidates, and recommend install vs write-from-scratch.',
|
|
60
|
+
inputSchema: {
|
|
61
|
+
type: 'object',
|
|
62
|
+
properties: {
|
|
63
|
+
intent: { type: 'string', description: 'What you want to accomplish (e.g. "http client", "date formatting")' },
|
|
64
|
+
threshold: { type: 'number', description: 'Score threshold for install recommendation (default: 60)' },
|
|
65
|
+
targetLicense: { type: 'string', description: 'Project license for compatibility check (default: MIT)' },
|
|
66
|
+
},
|
|
67
|
+
required: ['intent'],
|
|
68
|
+
},
|
|
69
|
+
},
|
|
70
|
+
];
|
|
71
|
+
function success(id, result) {
|
|
72
|
+
return { jsonrpc: '2.0', id, result };
|
|
73
|
+
}
|
|
74
|
+
function error(id, code, message) {
|
|
75
|
+
return { jsonrpc: '2.0', id, error: { code, message } };
|
|
76
|
+
}
|
|
77
|
+
function toolResult(toolName, content, argCount) {
|
|
78
|
+
const responseJson = JSON.stringify(content, null, 2);
|
|
79
|
+
const savings = calculateSavings(toolName, responseJson, argCount);
|
|
80
|
+
const enriched = { ...content, tokenSavings: savings };
|
|
81
|
+
return {
|
|
82
|
+
content: [{ type: 'text', text: JSON.stringify(enriched, null, 2) }],
|
|
83
|
+
};
|
|
84
|
+
}
|
|
85
|
+
async function handleRequest(req) {
|
|
86
|
+
switch (req.method) {
|
|
87
|
+
case 'initialize':
|
|
88
|
+
return success(req.id, {
|
|
89
|
+
protocolVersion: '2024-11-05',
|
|
90
|
+
capabilities: { tools: {} },
|
|
91
|
+
serverInfo: SERVER_INFO,
|
|
92
|
+
});
|
|
93
|
+
case 'notifications/initialized':
|
|
94
|
+
// Client acknowledgment, no response needed but we return anyway
|
|
95
|
+
return success(req.id, {});
|
|
96
|
+
case 'tools/list':
|
|
97
|
+
return success(req.id, { tools: TOOLS });
|
|
98
|
+
case 'tools/call': {
|
|
99
|
+
const params = req.params;
|
|
100
|
+
if (!params?.name) {
|
|
101
|
+
return error(req.id, -32602, 'Missing tool name');
|
|
102
|
+
}
|
|
103
|
+
const args = params.arguments ?? {};
|
|
104
|
+
try {
|
|
105
|
+
switch (params.name) {
|
|
106
|
+
case 'depguard_audit': {
|
|
107
|
+
const result = await audit(args.name, args.targetLicense ?? 'MIT');
|
|
108
|
+
return success(req.id, toolResult('depguard_audit', result));
|
|
109
|
+
}
|
|
110
|
+
case 'depguard_search': {
|
|
111
|
+
const result = await search(args.keywords, {
|
|
112
|
+
limit: args.limit ?? 10,
|
|
113
|
+
minScore: args.minScore ?? 0,
|
|
114
|
+
});
|
|
115
|
+
return success(req.id, toolResult('depguard_search', result));
|
|
116
|
+
}
|
|
117
|
+
case 'depguard_score': {
|
|
118
|
+
const result = await score(args.name, {
|
|
119
|
+
targetLicense: args.targetLicense ?? 'MIT',
|
|
120
|
+
});
|
|
121
|
+
return success(req.id, toolResult('depguard_score', result));
|
|
122
|
+
}
|
|
123
|
+
case 'depguard_should_use': {
|
|
124
|
+
const limit = args.limit ?? 5;
|
|
125
|
+
const result = await shouldUse(args.intent, {
|
|
126
|
+
threshold: args.threshold ?? 60,
|
|
127
|
+
targetLicense: args.targetLicense ?? 'MIT',
|
|
128
|
+
});
|
|
129
|
+
return success(req.id, toolResult('depguard_should_use', result, limit));
|
|
130
|
+
}
|
|
131
|
+
default:
|
|
132
|
+
return error(req.id, -32601, `Unknown tool: ${params.name}`);
|
|
133
|
+
}
|
|
134
|
+
}
|
|
135
|
+
catch (err) {
|
|
136
|
+
const message = err instanceof Error ? err.message : 'Unknown error';
|
|
137
|
+
return success(req.id, {
|
|
138
|
+
content: [{ type: 'text', text: `Error: ${message}` }],
|
|
139
|
+
isError: true,
|
|
140
|
+
});
|
|
141
|
+
}
|
|
142
|
+
}
|
|
143
|
+
default:
|
|
144
|
+
// Ignore unknown notifications (method starts with notifications/)
|
|
145
|
+
if (req.method.startsWith('notifications/')) {
|
|
146
|
+
return success(req.id, {});
|
|
147
|
+
}
|
|
148
|
+
return error(req.id, -32601, `Method not found: ${req.method}`);
|
|
149
|
+
}
|
|
150
|
+
}
|
|
151
|
+
async function main() {
|
|
152
|
+
const { createInterface } = await import('node:readline');
|
|
153
|
+
const rl = createInterface({ input: process.stdin });
|
|
154
|
+
for await (const line of rl) {
|
|
155
|
+
const trimmed = line.trim();
|
|
156
|
+
if (!trimmed)
|
|
157
|
+
continue;
|
|
158
|
+
try {
|
|
159
|
+
const req = JSON.parse(trimmed);
|
|
160
|
+
// Notifications have no id — don't send a response
|
|
161
|
+
if (req.id === undefined || req.id === null) {
|
|
162
|
+
// Still handle it (e.g. notifications/initialized) but don't respond
|
|
163
|
+
await handleRequest({ ...req, id: 0 });
|
|
164
|
+
continue;
|
|
165
|
+
}
|
|
166
|
+
const response = await handleRequest(req);
|
|
167
|
+
process.stdout.write(JSON.stringify(response) + '\n');
|
|
168
|
+
}
|
|
169
|
+
catch {
|
|
170
|
+
const errResponse = error(null, -32700, 'Parse error');
|
|
171
|
+
process.stdout.write(JSON.stringify(errResponse) + '\n');
|
|
172
|
+
}
|
|
173
|
+
}
|
|
174
|
+
}
|
|
175
|
+
main().catch(err => {
|
|
176
|
+
process.stderr.write(`MCP server error: ${err.message}\n`);
|
|
177
|
+
process.exit(1);
|
|
178
|
+
});
|
|
179
|
+
//# sourceMappingURL=mcp.js.map
|
package/dist/mcp.js.map
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"mcp.js","sourceRoot":"","sources":["../src/mcp.ts"],"names":[],"mappings":";AAEA;;;;;;;GAOG;AAEH,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAA;AAClC,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAA;AACnC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AACxC,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAA;AAE9C,MAAM,WAAW,GAAG;IAClB,IAAI,EAAE,UAAU;IAChB,OAAO,EAAE,OAAO;CACjB,CAAA;AAED,MAAM,KAAK,GAAG;IACZ;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,gIAAgI;QAC7I,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE;gBACzD,aAAa,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wDAAwD,EAAE;aACzG;YACD,QAAQ,EAAE,CAAC,MAAM,CAAC;SACnB;KACF;IACD;QACE,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,qEAAqE;QAClF,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,iBAAiB,EAAE;gBAC5D,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE;gBACnE,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yCAAyC,EAAE;aACrF;YACD,QAAQ,EAAE,CAAC,UAAU,CAAC;SACvB;KACF;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,iGAAiG;QAC9G,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE;gBACzD,aAAa,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wDAAwD,EAAE;aACzG;YACD,QAAQ,EAAE,CAAC,MAAM,CAAC;SACnB;KACF;IACD;QACE,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,+HAA+H;QAC5I,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,qEAAqE,EAAE;gBAC9G,SAAS,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,0DAA0D,EAAE;gBACtG,aAAa,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wDAAwD,EAAE;aACzG;YACD,QAAQ,EAAE,CAAC,QAAQ,CAAC;SACrB;KACF;CACF,CAAA;AAgBD,SAAS,OAAO,CAAC,EAAmB,EAAE,MAAe;IACnD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,CAAA;AACvC,CAAC;AAED,SAAS,KAAK,CAAC,EAA0B,EAAE,IAAY,EAAE,OAAe;IACtE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,CAAA;AACzD,CAAC;AAED,SAAS,UAAU,CAAC,QAAgB,EAAE,OAAgB,EAAE,QAAiB;IACvE,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;IACrD,MAAM,OAAO,GAAG,gBAAgB,CAAC,QAAQ,EAAE,YAAY,EAAE,QAAQ,CAAC,CAAA;IAClE,MAAM,QAAQ,GAAG,EAAE,GAAI,OAAmC,EAAE,YAAY,EAAE,OAAO,EAAE,CAAA;IACnF,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;KACrE,CAAA;AACH,CAAC;AAED,KAAK,UAAU,aAAa,CAAC,GAAmB;IAC9C,QAAQ,GAAG,CAAC,MAAM,EAAE,CAAC;QACnB,KAAK,YAAY;YACf,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE;gBACrB,eAAe,EAAE,YAAY;gBAC7B,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;gBAC3B,UAAU,EAAE,WAAW;aACxB,CAAC,CAAA;QAEJ,KAAK,2BAA2B;YAC9B,iEAAiE;YACjE,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;QAE5B,KAAK,YAAY;YACf,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAA;QAE1C,KAAK,YAAY,CAAC,CAAC,CAAC;YAClB,MAAM,MAAM,GAAG,GAAG,CAAC,MAA2E,CAAA;YAC9F,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC;gBAClB,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,mBAAmB,CAAC,CAAA;YACnD,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,CAAC,SAAS,IAAI,EAAE,CAAA;YAEnC,IAAI,CAAC;gBACH,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;oBACpB,KAAK,gBAAgB,CAAC,CAAC,CAAC;wBACtB,MAAM,MAAM,GAAG,MAAM,KAAK,CACxB,IAAI,CAAC,IAAc,EAClB,IAAI,CAAC,aAAwB,IAAI,KAAK,CACxC,CAAA;wBACD,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC,CAAA;oBAC9D,CAAC;oBAED,KAAK,iBAAiB,CAAC,CAAC,CAAC;wBACvB,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,QAAkB,EAAE;4BACnD,KAAK,EAAG,IAAI,CAAC,KAAgB,IAAI,EAAE;4BACnC,QAAQ,EAAG,IAAI,CAAC,QAAmB,IAAI,CAAC;yBACzC,CAAC,CAAA;wBACF,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAC,CAAA;oBAC/D,CAAC;oBAED,KAAK,gBAAgB,CAAC,CAAC,CAAC;wBACtB,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,IAAc,EAAE;4BAC9C,aAAa,EAAG,IAAI,CAAC,aAAwB,IAAI,KAAK;yBACvD,CAAC,CAAA;wBACF,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC,CAAA;oBAC9D,CAAC;oBAED,KAAK,qBAAqB,CAAC,CAAC,CAAC;wBAC3B,MAAM,KAAK,GAAI,IAAI,CAAC,KAAgB,IAAI,CAAC,CAAA;wBACzC,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,MAAgB,EAAE;4BACpD,SAAS,EAAG,IAAI,CAAC,SAAoB,IAAI,EAAE;4BAC3C,aAAa,EAAG,IAAI,CAAC,aAAwB,IAAI,KAAK;yBACvD,CAAC,CAAA;wBACF,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,qBAAqB,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC,CAAA;oBAC1E,CAAC;oBAED;wBACE,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,iBAAiB,MAAM,CAAC,IAAI,EAAE,CAAC,CAAA;gBAChE,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAA;gBACpE,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE;oBACrB,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,OAAO,EAAE,EAAE,CAAC;oBACtD,OAAO,EAAE,IAAI;iBACd,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED;YACE,mEAAmE;YACnE,IAAI,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,gBAAgB,CAAC,EAAE,CAAC;gBAC5C,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;YAC5B,CAAC;YACD,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,qBAAqB,GAAG,CAAC,MAAM,EAAE,CAAC,CAAA;IACnE,CAAC;AACH,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,MAAM,EAAE,eAAe,EAAE,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,CAAA;IAEzD,MAAM,EAAE,GAAG,eAAe,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,CAAA;IAEpD,IAAI,KAAK,EAAE,MAAM,IAAI,IAAI,EAAE,EAAE,CAAC;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAA;QAC3B,IAAI,CAAC,OAAO;YAAE,SAAQ;QAEtB,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAmB,CAAA;YAEjD,mDAAmD;YACnD,IAAI,GAAG,CAAC,EAAE,KAAK,SAAS,IAAI,GAAG,CAAC,EAAE,KAAK,IAAI,EAAE,CAAC;gBAC5C,qEAAqE;gBACrE,MAAM,aAAa,CAAC,EAAE,GAAG,GAAG,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAA;gBACtC,SAAQ;YACV,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,CAAA;YACzC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAA;QACvD,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,KAAK,EAAE,aAAa,CAAC,CAAA;YACtD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAA;QAC1D,CAAC;IACH,CAAC;AACH,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;IACjB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,qBAAqB,GAAG,CAAC,OAAO,IAAI,CAAC,CAAA;IAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;AACjB,CAAC,CAAC,CAAA"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import type { FetchFn, NpmPackageData, NpmSearchResult, NpmAdvisory } from './types.js';
|
|
2
|
+
/** Clear the in-memory cache */
|
|
3
|
+
export declare function clearCache(): void;
|
|
4
|
+
/** Fetch package metadata from npm registry */
|
|
5
|
+
export declare function fetchPackage(name: string, fetcher?: FetchFn): Promise<NpmPackageData | null>;
|
|
6
|
+
/** Fetch weekly download count */
|
|
7
|
+
export declare function fetchDownloads(name: string, fetcher?: FetchFn): Promise<number>;
|
|
8
|
+
/** Search npm registry */
|
|
9
|
+
export declare function searchPackages(keywords: string, limit?: number, fetcher?: FetchFn): Promise<NpmSearchResult>;
|
|
10
|
+
/** Fetch security advisories for a package via the bulk endpoint */
|
|
11
|
+
export declare function fetchAdvisories(name: string, version: string, fetcher?: FetchFn): Promise<NpmAdvisory[]>;
|
|
12
|
+
//# sourceMappingURL=registry.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"registry.d.ts","sourceRoot":"","sources":["../src/registry.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAEV,OAAO,EAEP,cAAc,EACd,eAAe,EACf,WAAW,EACZ,MAAM,YAAY,CAAA;AAyBnB,gCAAgC;AAChC,wBAAgB,UAAU,IAAI,IAAI,CAEjC;AAED,+CAA+C;AAC/C,wBAAsB,YAAY,CAChC,IAAI,EAAE,MAAM,EACZ,OAAO,GAAE,OAA0B,GAClC,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CAgBhC;AAED,kCAAkC;AAClC,wBAAsB,cAAc,CAClC,IAAI,EAAE,MAAM,EACZ,OAAO,GAAE,OAA0B,GAClC,OAAO,CAAC,MAAM,CAAC,CAgBjB;AAED,0BAA0B;AAC1B,wBAAsB,cAAc,CAClC,QAAQ,EAAE,MAAM,EAChB,KAAK,SAAK,EACV,OAAO,GAAE,OAA0B,GAClC,OAAO,CAAC,eAAe,CAAC,CAmB1B;AAED,oEAAoE;AACpE,wBAAsB,eAAe,CACnC,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,OAAO,GAAE,OAA0B,GAClC,OAAO,CAAC,WAAW,EAAE,CAAC,CAmBxB"}
|