framework-mcp 2.5.6 → 2.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (54) hide show
  1. package/README.md +34 -9
  2. package/dist/core/safeguard-manager.js +4 -4
  3. package/dist/core/safeguard-manager.js.map +1 -1
  4. package/dist/index.d.ts +1 -0
  5. package/dist/index.d.ts.map +1 -1
  6. package/dist/index.js.map +1 -1
  7. package/dist/interfaces/http/http-server.js +3 -3
  8. package/dist/interfaces/mcp/mcp-server.js +3 -3
  9. package/dist/shared/types.d.ts +49 -25
  10. package/dist/shared/types.d.ts.map +1 -1
  11. package/dist/shared/types.js.map +1 -1
  12. package/package.json +8 -1
  13. package/swagger.json +9 -77
  14. package/.claude/agents/mcp-developer.md +0 -41
  15. package/.claude/agents/project-orchestrator.md +0 -43
  16. package/.claude/agents/version-consistency-reviewer.md +0 -50
  17. package/.claude/commands/speckit.analyze.md +0 -184
  18. package/.claude/commands/speckit.checklist.md +0 -294
  19. package/.claude/commands/speckit.clarify.md +0 -181
  20. package/.claude/commands/speckit.constitution.md +0 -82
  21. package/.claude/commands/speckit.implement.md +0 -135
  22. package/.claude/commands/speckit.plan.md +0 -89
  23. package/.claude/commands/speckit.specify.md +0 -258
  24. package/.claude/commands/speckit.tasks.md +0 -137
  25. package/.claude/commands/speckit.taskstoissues.md +0 -30
  26. package/.claude/config.json +0 -11
  27. package/.claude_config.json +0 -11
  28. package/.do/app.yaml +0 -78
  29. package/.github/dependabot.yml +0 -15
  30. package/.github/workflows/ci.yml +0 -90
  31. package/.github/workflows/release.yml +0 -30
  32. package/.mcp.json +0 -11
  33. package/.specify/memory/constitution.md +0 -50
  34. package/.specify/scripts/bash/check-prerequisites.sh +0 -166
  35. package/.specify/scripts/bash/common.sh +0 -156
  36. package/.specify/scripts/bash/create-new-feature.sh +0 -297
  37. package/.specify/scripts/bash/setup-plan.sh +0 -61
  38. package/.specify/scripts/bash/update-agent-context.sh +0 -799
  39. package/.specify/templates/agent-file-template.md +0 -28
  40. package/.specify/templates/checklist-template.md +0 -40
  41. package/.specify/templates/plan-template.md +0 -104
  42. package/.specify/templates/spec-template.md +0 -115
  43. package/.specify/templates/tasks-template.md +0 -251
  44. package/examples/example-usage.md +0 -293
  45. package/examples/llm-analysis-patterns.md +0 -553
  46. package/examples/vendors.csv +0 -9
  47. package/examples/vendors.json +0 -32
  48. package/scripts/validate-documentation.sh +0 -150
  49. package/src/core/safeguard-manager.ts +0 -4634
  50. package/src/index.ts +0 -17
  51. package/src/interfaces/http/http-server.ts +0 -262
  52. package/src/interfaces/mcp/mcp-server.ts +0 -165
  53. package/src/shared/types.ts +0 -300
  54. package/tsconfig.json +0 -23
package/src/index.ts DELETED
@@ -1,17 +0,0 @@
1
- #!/usr/bin/env node
2
-
3
- // Re-export the MCP server for backward compatibility
4
- import { FrameworkMcpServer } from './interfaces/mcp/mcp-server.js';
5
-
6
- // Start MCP server if this file is run directly
7
- if (import.meta.url === `file://${process.argv[1]}`) {
8
- const server = new FrameworkMcpServer();
9
- server.run().catch(console.error);
10
- }
11
-
12
- export { FrameworkMcpServer } from './interfaces/mcp/mcp-server.js';
13
- export { FrameworkHttpServer } from './interfaces/http/http-server.js';
14
- export { SafeguardManager } from './core/safeguard-manager.js';
15
-
16
- // Pure Data Provider architecture - authentic CIS Controls data via SafeguardManager
17
-
@@ -1,262 +0,0 @@
1
- #!/usr/bin/env node
2
-
3
- import express from 'express';
4
- import cors from 'cors';
5
- import helmet from 'helmet';
6
- import compression from 'compression';
7
- import rateLimit from 'express-rate-limit';
8
- import { SafeguardManager } from '../../core/safeguard-manager.js';
9
- import { RateLimitConfig, RateLimitErrorResponse } from '../../shared/types.js';
10
-
11
- interface ErrorResponse {
12
- error: string;
13
- details?: string;
14
- timestamp: string;
15
- }
16
-
17
- export class FrameworkHttpServer {
18
- private app: express.Application;
19
- private safeguardManager: SafeguardManager;
20
- private port: number;
21
- private rateLimitConfig: RateLimitConfig;
22
-
23
- constructor(port: number = 8080) {
24
- this.app = express();
25
- this.safeguardManager = new SafeguardManager();
26
- this.port = port;
27
- this.rateLimitConfig = this.parseRateLimitConfig();
28
-
29
- this.setupMiddleware();
30
- this.setupRoutes();
31
- this.setupErrorHandling();
32
- }
33
-
34
- private parseRateLimitConfig(): RateLimitConfig {
35
- const skipIpsEnv = process.env.RATE_LIMIT_SKIP_IPS;
36
- return {
37
- windowMs: parseInt(process.env.RATE_LIMIT_WINDOW_MS || '60000', 10),
38
- max: parseInt(process.env.RATE_LIMIT_MAX || '100', 10),
39
- skipIps: skipIpsEnv ? skipIpsEnv.split(',').map(ip => ip.trim()) : undefined
40
- };
41
- }
42
-
43
- private setupMiddleware(): void {
44
- // Rate limiting middleware - must be before other middleware
45
- const limiter = rateLimit({
46
- windowMs: this.rateLimitConfig.windowMs,
47
- max: this.rateLimitConfig.max,
48
- standardHeaders: true,
49
- legacyHeaders: false,
50
- skip: (req) => {
51
- if (this.rateLimitConfig.skipIps && req.ip) {
52
- return this.rateLimitConfig.skipIps.includes(req.ip);
53
- }
54
- return false;
55
- },
56
- message: {
57
- error: 'Too many requests',
58
- retryAfter: 'See Retry-After header',
59
- timestamp: new Date().toISOString()
60
- },
61
- handler: (req, res, _next, options) => {
62
- console.log(`[Rate Limit] IP ${req.ip} exceeded limit`);
63
- res.status(429).json(options.message);
64
- }
65
- });
66
-
67
- this.app.use(limiter);
68
-
69
- // Security middleware
70
- this.app.use(helmet({
71
- contentSecurityPolicy: {
72
- directives: {
73
- defaultSrc: ["'self'"],
74
- styleSrc: ["'self'", "'unsafe-inline'"],
75
- scriptSrc: ["'self'"],
76
- imgSrc: ["'self'", "data:", "https:"],
77
- },
78
- },
79
- }));
80
-
81
- // CORS configuration
82
- this.app.use(cors({
83
- origin: process.env.ALLOWED_ORIGINS?.split(',') || ['http://localhost:3000'],
84
- methods: ['GET', 'POST', 'OPTIONS'],
85
- allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With'],
86
- credentials: true
87
- }));
88
-
89
- // Compression and parsing
90
- this.app.use(compression());
91
- this.app.use(express.json({ limit: '10mb' }));
92
- this.app.use(express.urlencoded({ extended: true, limit: '10mb' }));
93
-
94
- // Request logging in production
95
- if (process.env.NODE_ENV === 'production') {
96
- this.app.use((req, res, next) => {
97
- console.log(`[${new Date().toISOString()}] ${req.method} ${req.path}`);
98
- next();
99
- });
100
- }
101
- }
102
-
103
- private setupRoutes(): void {
104
- // Health check endpoint
105
- this.app.get('/health', (req, res) => {
106
- res.json({
107
- status: 'healthy',
108
- uptime: Math.round(process.uptime()),
109
- version: '2.5.6',
110
- timestamp: new Date().toISOString()
111
- });
112
- });
113
-
114
- // Safeguards health check endpoint - validates data completeness
115
- this.app.get('/api/health/safeguards', (req, res) => {
116
- try {
117
- const allSafeguards = this.safeguardManager.getAllSafeguards();
118
- const safeguardIds = Object.keys(allSafeguards);
119
-
120
- const totalValidated = safeguardIds.length;
121
-
122
- res.json({
123
- status: 'healthy',
124
- safeguards: {
125
- total: totalValidated,
126
- expected: 153,
127
- complete: totalValidated === 153
128
- },
129
- timestamp: new Date().toISOString()
130
- });
131
-
132
- } catch (error) {
133
- res.status(500).json({
134
- status: 'error',
135
- message: 'Failed to validate safeguards data',
136
- error: error instanceof Error ? error.message : 'Unknown error',
137
- timestamp: new Date().toISOString()
138
- });
139
- }
140
- });
141
-
142
-
143
-
144
- // Get safeguard details endpoint
145
- this.app.get('/api/safeguards/:safeguardId', (req, res) => {
146
- try {
147
- const { safeguardId } = req.params;
148
- const includeExamples = req.query.include_examples === 'true';
149
-
150
- this.safeguardManager.validateSafeguardId(safeguardId);
151
-
152
- const safeguard = this.safeguardManager.getSafeguardDetails(safeguardId, includeExamples);
153
- if (!safeguard) {
154
- return res.status(404).json(this.createErrorResponse('Safeguard not found'));
155
- }
156
-
157
- res.json(safeguard);
158
- } catch (error) {
159
- console.error('[HTTP Server] get-safeguard-details error:', error);
160
- res.status(400).json(this.createErrorResponse(error instanceof Error ? error.message : 'Unknown error'));
161
- }
162
- });
163
-
164
- // List all safeguards endpoint
165
- this.app.get('/api/safeguards', (req, res) => {
166
- try {
167
- const safeguards = this.safeguardManager.listAvailableSafeguards();
168
-
169
- res.json({
170
- safeguards,
171
- total: safeguards.length,
172
- framework: 'CIS Controls v8.1',
173
- timestamp: new Date().toISOString()
174
- });
175
- } catch (error) {
176
- console.error('[HTTP Server] list-safeguards error:', error);
177
- res.status(500).json(this.createErrorResponse('Internal server error'));
178
- }
179
- });
180
-
181
-
182
- // API documentation endpoint
183
- this.app.get('/api', (req, res) => {
184
- res.json({
185
- name: 'Framework MCP HTTP API',
186
- version: '2.5.6',
187
- description: 'Pure Data Provider serving authentic CIS Controls Framework data',
188
- endpoints: {
189
- 'GET /api/safeguards': 'List all available CIS safeguards',
190
- 'GET /api/safeguards/:id': 'Get detailed safeguard breakdown',
191
- 'GET /health': 'Health check endpoint',
192
- 'GET /api': 'This documentation'
193
- },
194
- framework: 'CIS Controls v8.1 (153 safeguards)',
195
- deployment: 'Cloud-compatible HTTP API'
196
- });
197
- });
198
-
199
- // Root endpoint redirect
200
- this.app.get('/', (req, res) => {
201
- res.redirect('/api');
202
- });
203
- }
204
-
205
- private setupErrorHandling(): void {
206
- // 404 handler
207
- this.app.use('*', (req, res) => {
208
- res.status(404).json(this.createErrorResponse(
209
- `Endpoint not found: ${req.method} ${req.originalUrl}`,
210
- 'Use GET /api for available endpoints'
211
- ));
212
- });
213
-
214
- // Global error handler
215
- this.app.use((error: Error, req: express.Request, res: express.Response, next: express.NextFunction) => {
216
- console.error('[HTTP Server] Unhandled error:', error);
217
-
218
- if (!res.headersSent) {
219
- res.status(500).json(this.createErrorResponse(
220
- 'Internal server error',
221
- process.env.NODE_ENV === 'development' ? error.message : undefined
222
- ));
223
- }
224
- });
225
- }
226
-
227
- private createErrorResponse(error: string, details?: string): ErrorResponse {
228
- return {
229
- error,
230
- details,
231
- timestamp: new Date().toISOString()
232
- };
233
- }
234
-
235
- public start(): void {
236
- this.app.listen(this.port, '0.0.0.0', () => {
237
- console.log(`🚀 Framework MCP HTTP Server v2.5.6 running on port ${this.port}`);
238
- console.log(`📊 Health check: http://localhost:${this.port}/health`);
239
- console.log(`📖 API docs: http://localhost:${this.port}/api`);
240
- console.log(`🔧 Environment: ${process.env.NODE_ENV || 'development'}`);
241
- console.log(`📊 Pure Data Provider - CIS Controls v8.1`);
242
- });
243
-
244
- // Graceful shutdown handling
245
- process.on('SIGTERM', () => {
246
- console.log('🔄 Received SIGTERM, shutting down gracefully...');
247
- process.exit(0);
248
- });
249
-
250
- process.on('SIGINT', () => {
251
- console.log('🔄 Received SIGINT, shutting down gracefully...');
252
- process.exit(0);
253
- });
254
- }
255
- }
256
-
257
- // Start server if this file is run directly
258
- if (import.meta.url === `file://${process.argv[1]}`) {
259
- const port = parseInt(process.env.PORT || '8080', 10);
260
- const server = new FrameworkHttpServer(port);
261
- server.start();
262
- }
@@ -1,165 +0,0 @@
1
- #!/usr/bin/env node
2
-
3
- import { Server } from '@modelcontextprotocol/sdk/server/index.js';
4
- import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
5
- import {
6
- CallToolRequestSchema,
7
- ListToolsRequestSchema,
8
- Tool,
9
- } from '@modelcontextprotocol/sdk/types.js';
10
-
11
- import { SafeguardManager } from '../../core/safeguard-manager.js';
12
-
13
- export class FrameworkMcpServer {
14
- private server: Server;
15
- private safeguardManager: SafeguardManager;
16
-
17
- constructor() {
18
- this.server = new Server(
19
- {
20
- name: 'framework-analyzer',
21
- version: '2.5.6',
22
- }
23
- );
24
-
25
- this.safeguardManager = new SafeguardManager();
26
-
27
- this.setupHandlers();
28
- }
29
-
30
- private setupHandlers(): void {
31
- // List available tools
32
- this.server.setRequestHandler(ListToolsRequestSchema, async () => {
33
- return {
34
- tools: [
35
- {
36
- name: 'get_safeguard_details',
37
- description: 'Get detailed safeguard breakdown',
38
- inputSchema: {
39
- type: 'object',
40
- properties: {
41
- safeguard_id: {
42
- type: 'string',
43
- description: 'CIS safeguard ID (e.g., "1.1", "5.1")'
44
- },
45
- include_examples: {
46
- type: 'boolean',
47
- description: 'Include implementation examples (default: false)'
48
- }
49
- },
50
- required: ['safeguard_id']
51
- }
52
- } as Tool,
53
- {
54
- name: 'list_available_safeguards',
55
- description: 'List all available CIS safeguards',
56
- inputSchema: {
57
- type: 'object',
58
- properties: {},
59
- additionalProperties: false
60
- }
61
- } as Tool,
62
- ],
63
- };
64
- });
65
-
66
- // Handle tool calls
67
- this.server.setRequestHandler(CallToolRequestSchema, async (request) => {
68
- const { name, arguments: args } = request.params;
69
-
70
- try {
71
- switch (name) {
72
- case 'get_safeguard_details':
73
- return await this.getSafeguardDetails(args);
74
-
75
- case 'list_available_safeguards':
76
- return await this.listAvailableSafeguards();
77
-
78
- default:
79
- throw new Error(`Unknown tool: ${name}`);
80
- }
81
- } catch (error) {
82
- const errorMessage = this.formatErrorMessage(error, name);
83
- console.error(`[Framework MCP] Tool execution error: ${name}`, error);
84
-
85
- return {
86
- content: [
87
- {
88
- type: 'text',
89
- text: JSON.stringify({
90
- error: errorMessage,
91
- timestamp: new Date().toISOString()
92
- }, null, 2),
93
- },
94
- ],
95
- };
96
- }
97
- });
98
- }
99
-
100
-
101
- private async getSafeguardDetails(args: any) {
102
- const { safeguard_id, include_examples = false } = args;
103
-
104
- this.safeguardManager.validateSafeguardId(safeguard_id);
105
-
106
- const safeguard = this.safeguardManager.getSafeguardDetails(safeguard_id, include_examples);
107
- if (!safeguard) {
108
- throw new Error(`Safeguard ${safeguard_id} not found`);
109
- }
110
-
111
- return {
112
- content: [
113
- {
114
- type: 'text',
115
- text: JSON.stringify(safeguard, null, 2),
116
- },
117
- ],
118
- };
119
- }
120
-
121
- private async listAvailableSafeguards() {
122
- const safeguards = this.safeguardManager.listAvailableSafeguards();
123
-
124
- return {
125
- content: [
126
- {
127
- type: 'text',
128
- text: JSON.stringify({
129
- safeguards,
130
- total: safeguards.length,
131
- framework: 'CIS Controls v8.1',
132
- version: '2.5.6'
133
- }, null, 2),
134
- },
135
- ],
136
- };
137
- }
138
-
139
- private formatErrorMessage(error: unknown, toolName: string): string {
140
- if (error instanceof Error) {
141
- // Provide helpful guidance for common errors
142
- if (error.message.includes('Safeguard') && error.message.includes('not found')) {
143
- return `${error.message}. Use list_available_safeguards to see all available options.`;
144
- }
145
-
146
- return error.message;
147
- }
148
-
149
- return `Unknown error in tool ${toolName}`;
150
- }
151
-
152
- public async run(): Promise<void> {
153
- const transport = new StdioServerTransport();
154
- await this.server.connect(transport);
155
-
156
- console.error('🤖 Framework MCP Server v2.5.6 running via stdio');
157
- console.error('📊 Pure Data Provider for CIS Controls v8.1');
158
- }
159
- }
160
-
161
- // Start server if this file is run directly
162
- if (import.meta.url === `file://${process.argv[1]}`) {
163
- const server = new FrameworkMcpServer();
164
- server.run().catch(console.error);
165
- }