gitlab-mcp 1.1.0 → 1.2.0

package/tests/output.test.ts

@@ -1,186 +0,0 @@
-import { describe, expect, it } from "vitest";
-
-import { OutputFormatter } from "../src/lib/output.js";
-
-describe("OutputFormatter", () => {
-  describe("json mode", () => {
-    it("formats objects with 2-space indentation", () => {
-      const formatter = new OutputFormatter({ responseMode: "json", maxBytes: 10_000 });
-      const result = formatter.format({ hello: "world", count: 42 });
-
-      expect(result.text).toBe(JSON.stringify({ hello: "world", count: 42 }, null, 2));
-      expect(result.truncated).toBe(false);
-      expect(result.bytes).toBeGreaterThan(0);
-    });
-
-    it("formats arrays", () => {
-      const formatter = new OutputFormatter({ responseMode: "json", maxBytes: 10_000 });
-      const result = formatter.format([1, 2, 3]);
-
-      expect(result.text).toBe(JSON.stringify([1, 2, 3], null, 2));
-      expect(result.truncated).toBe(false);
-    });
-
-    it("formats null", () => {
-      const formatter = new OutputFormatter({ responseMode: "json", maxBytes: 10_000 });
-      const result = formatter.format(null);
-
-      expect(result.text).toBe("null");
-      expect(result.truncated).toBe(false);
-    });
-
-    it("formats primitive strings", () => {
-      const formatter = new OutputFormatter({ responseMode: "json", maxBytes: 10_000 });
-      const result = formatter.format("hello");
-
-      expect(result.text).toBe('"hello"');
-      expect(result.truncated).toBe(false);
-    });
-
-    it("formats numbers", () => {
-      const formatter = new OutputFormatter({ responseMode: "json", maxBytes: 10_000 });
-      const result = formatter.format(42);
-
-      expect(result.text).toBe("42");
-      expect(result.truncated).toBe(false);
-    });
-
-    it("formats booleans", () => {
-      const formatter = new OutputFormatter({ responseMode: "json", maxBytes: 10_000 });
-      const result = formatter.format(true);
-
-      expect(result.text).toBe("true");
-    });
-  });
-
-  describe("compact-json mode", () => {
-    it("formats without whitespace", () => {
-      const formatter = new OutputFormatter({ responseMode: "compact-json", maxBytes: 10_000 });
-      const result = formatter.format({ hello: "world", nested: { a: 1 } });
-
-      expect(result.text).toBe('{"hello":"world","nested":{"a":1}}');
-      expect(result.truncated).toBe(false);
-    });
-
-    it("formats arrays compactly", () => {
-      const formatter = new OutputFormatter({ responseMode: "compact-json", maxBytes: 10_000 });
-      const result = formatter.format([1, 2, 3]);
-
-      expect(result.text).toBe("[1,2,3]");
-    });
-  });
-
-  describe("yaml mode", () => {
-    it("formats objects as YAML", () => {
-      const formatter = new OutputFormatter({ responseMode: "yaml", maxBytes: 10_000 });
-      const result = formatter.format({ name: "test", value: 123 });
-
-      expect(result.text).toContain("name: test");
-      expect(result.text).toContain("value: 123");
-      expect(result.truncated).toBe(false);
-    });
-
-    it("formats nested objects as YAML", () => {
-      const formatter = new OutputFormatter({ responseMode: "yaml", maxBytes: 10_000 });
-      const result = formatter.format({ outer: { inner: "value" } });
-
-      expect(result.text).toContain("outer:");
-      expect(result.text).toContain("inner: value");
-    });
-
-    it("formats arrays as YAML", () => {
-      const formatter = new OutputFormatter({ responseMode: "yaml", maxBytes: 10_000 });
-      const result = formatter.format({ items: ["a", "b", "c"] });
-
-      expect(result.text).toContain("items:");
-      expect(result.text).toContain("- a");
-      expect(result.text).toContain("- b");
-      expect(result.text).toContain("- c");
-    });
-  });
-
-  describe("truncation", () => {
-    it("truncates output exceeding maxBytes", () => {
-      const formatter = new OutputFormatter({ responseMode: "json", maxBytes: 20 });
-      const result = formatter.format({ key: "this is a very long value that exceeds the limit" });
-
-      expect(result.truncated).toBe(true);
-      expect(result.text).toContain("[truncated");
-      expect(result.bytes).toBeGreaterThan(20);
-    });
-
-    it("does not truncate when output fits within maxBytes", () => {
-      const formatter = new OutputFormatter({ responseMode: "json", maxBytes: 100_000 });
-      const result = formatter.format({ small: "data" });
-
-      expect(result.truncated).toBe(false);
-      expect(result.text).not.toContain("[truncated");
-    });
-
-    it("reports correct original byte count even when truncated", () => {
-      const formatter = new OutputFormatter({ responseMode: "json", maxBytes: 10 });
-      const data = { message: "hello world this is a longer message" };
-      const result = formatter.format(data);
-
-      const expectedFull = JSON.stringify(data, null, 2);
-      const expectedBytes = Buffer.byteLength(expectedFull, "utf8");
-
-      expect(result.truncated).toBe(true);
-      expect(result.bytes).toBe(expectedBytes);
-    });
-
-    it("handles exact boundary correctly", () => {
-      const data = { a: 1 };
-      const serialized = JSON.stringify(data, null, 2);
-      const exactBytes = Buffer.byteLength(serialized, "utf8");
-
-      const formatter = new OutputFormatter({ responseMode: "json", maxBytes: exactBytes });
-      const result = formatter.format(data);
-
-      expect(result.truncated).toBe(false);
-      expect(result.bytes).toBe(exactBytes);
-    });
-
-    it("handles multi-byte characters in truncation", () => {
-      const formatter = new OutputFormatter({ responseMode: "json", maxBytes: 30 });
-      const result = formatter.format({ emoji: "Hello 🌍🌍🌍🌍🌍" });
-
-      expect(result.truncated).toBe(true);
-      expect(result.text).toContain("[truncated");
-    });
-  });
-
-  describe("edge cases", () => {
-    it("handles empty object", () => {
-      const formatter = new OutputFormatter({ responseMode: "json", maxBytes: 10_000 });
-      const result = formatter.format({});
-
-      expect(result.text).toBe("{}");
-      expect(result.truncated).toBe(false);
-    });
-
-    it("handles empty array", () => {
-      const formatter = new OutputFormatter({ responseMode: "json", maxBytes: 10_000 });
-      const result = formatter.format([]);
-
-      expect(result.text).toBe("[]");
-      expect(result.truncated).toBe(false);
-    });
-
-    it("throws on undefined because JSON.stringify returns undefined", () => {
-      const formatter = new OutputFormatter({ responseMode: "json", maxBytes: 10_000 });
-      // JSON.stringify(undefined) returns the JS value undefined, which is
-      // not a valid argument for Buffer.byteLength.
-      expect(() => formatter.format(undefined)).toThrow();
-    });
-
-    it("handles deeply nested objects", () => {
-      const formatter = new OutputFormatter({ responseMode: "json", maxBytes: 10_000 });
-      const deep = { a: { b: { c: { d: { e: "deep" } } } } };
-      const result = formatter.format(deep);
-
-      expect(result.text).toContain('"deep"');
-      expect(result.truncated).toBe(false);
-    });
-  });
-});

package/tests/policy.test.ts

@@ -1,324 +0,0 @@
-import { describe, expect, it } from "vitest";
-
-import { ToolPolicyEngine, type ToolPolicyMeta } from "../src/lib/policy.js";
-
-const defaultFeatures = {
-  wiki: true,
-  milestone: true,
-  pipeline: true,
-  release: true
-};
-
-describe("ToolPolicyEngine", () => {
-  describe("filterTools", () => {
-    it("blocks mutating tools in readonly mode", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: true,
-        allowedTools: [],
-        enabledFeatures: defaultFeatures
-      });
-
-      expect(
-        engine.filterTools([
-          { name: "readonly", mutating: false },
-          { name: "mutate", mutating: true }
-        ])
-      ).toEqual([{ name: "readonly", mutating: false }]);
-    });
-
-    it("allows all tools when no restrictions are set", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: false,
-        allowedTools: [],
-        enabledFeatures: defaultFeatures
-      });
-
-      const tools: ToolPolicyMeta[] = [
-        { name: "tool_a", mutating: false },
-        { name: "tool_b", mutating: true },
-        { name: "tool_c", mutating: false }
-      ];
-
-      expect(engine.filterTools(tools)).toEqual(tools);
-    });
-
-    it("applies allowlist and deny regex", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: false,
-        allowedTools: ["gitlab_get_project", "gitlab_list_projects"],
-        deniedToolsRegex: /^gitlab_list_/,
-        enabledFeatures: defaultFeatures
-      });
-
-      expect(
-        engine.filterTools([
-          { name: "gitlab_get_project", mutating: false },
-          { name: "gitlab_list_projects", mutating: false },
-          { name: "gitlab_create_issue", mutating: true }
-        ])
-      ).toEqual([{ name: "gitlab_get_project", mutating: false }]);
-    });
-
-    it("supports allowlist names without gitlab_ prefix", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: false,
-        allowedTools: ["get_project"],
-        enabledFeatures: defaultFeatures
-      });
-
-      expect(
-        engine.filterTools([
-          { name: "gitlab_get_project", mutating: false },
-          { name: "gitlab_list_projects", mutating: false }
-        ])
-      ).toEqual([{ name: "gitlab_get_project", mutating: false }]);
-    });
-
-    it("supports allowlist names with gitlab_ prefix", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: false,
-        allowedTools: ["gitlab_get_project"],
-        enabledFeatures: defaultFeatures
-      });
-
-      expect(
-        engine.filterTools([
-          { name: "gitlab_get_project", mutating: false },
-          { name: "gitlab_list_projects", mutating: false }
-        ])
-      ).toEqual([{ name: "gitlab_get_project", mutating: false }]);
-    });
-
-    it("respects feature flags", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: false,
-        allowedTools: [],
-        enabledFeatures: {
-          wiki: false,
-          milestone: false,
-          pipeline: true,
-          release: true
-        }
-      });
-
-      expect(
-        engine.filterTools([
-          { name: "wiki", mutating: false, requiresFeature: "wiki" },
-          { name: "pipeline", mutating: false, requiresFeature: "pipeline" }
-        ])
-      ).toEqual([{ name: "pipeline", mutating: false, requiresFeature: "pipeline" }]);
-    });
-
-    it("allows tools without requiresFeature even when features are disabled", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: false,
-        allowedTools: [],
-        enabledFeatures: {
-          wiki: false,
-          milestone: false,
-          pipeline: false,
-          release: false
-        }
-      });
-
-      expect(
-        engine.filterTools([
-          { name: "generic_tool", mutating: false },
-          { name: "wiki_tool", mutating: false, requiresFeature: "wiki" }
-        ])
-      ).toEqual([{ name: "generic_tool", mutating: false }]);
-    });
-
-    it("applies deniedToolsRegex without allowlist", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: false,
-        allowedTools: [],
-        deniedToolsRegex: /^gitlab_delete_/,
-        enabledFeatures: defaultFeatures
-      });
-
-      expect(
-        engine.filterTools([
-          { name: "gitlab_get_project", mutating: false },
-          { name: "gitlab_delete_project", mutating: true },
-          { name: "gitlab_delete_issue", mutating: true }
-        ])
-      ).toEqual([{ name: "gitlab_get_project", mutating: false }]);
-    });
-
-    it("handles empty tools array", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: false,
-        allowedTools: [],
-        enabledFeatures: defaultFeatures
-      });
-
-      expect(engine.filterTools([])).toEqual([]);
-    });
-
-    it("combines readOnly mode with feature flags", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: true,
-        allowedTools: [],
-        enabledFeatures: {
-          wiki: true,
-          milestone: true,
-          pipeline: true,
-          release: true
-        }
-      });
-
-      expect(
-        engine.filterTools([
-          { name: "read_wiki", mutating: false, requiresFeature: "wiki" },
-          { name: "create_wiki", mutating: true, requiresFeature: "wiki" },
-          { name: "get_project", mutating: false }
-        ])
-      ).toEqual([
-        { name: "read_wiki", mutating: false, requiresFeature: "wiki" },
-        { name: "get_project", mutating: false }
-      ]);
-    });
-
-    it("handles allowlist with whitespace-padded names", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: false,
-        allowedTools: ["  get_project  "],
-        enabledFeatures: defaultFeatures
-      });
-
-      expect(
-        engine.filterTools([
-          { name: "gitlab_get_project", mutating: false },
-          { name: "gitlab_list_projects", mutating: false }
-        ])
-      ).toEqual([{ name: "gitlab_get_project", mutating: false }]);
-    });
-
-    it("handles allowlist with empty strings", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: false,
-        allowedTools: ["", "  ", "get_project"],
-        enabledFeatures: defaultFeatures
-      });
-
-      expect(
-        engine.filterTools([
-          { name: "gitlab_get_project", mutating: false },
-          { name: "gitlab_list_projects", mutating: false }
-        ])
-      ).toEqual([{ name: "gitlab_get_project", mutating: false }]);
-    });
-
-    it("respects release feature flag", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: false,
-        allowedTools: [],
-        enabledFeatures: {
-          wiki: true,
-          milestone: true,
-          pipeline: true,
-          release: false
-        }
-      });
-
-      expect(
-        engine.filterTools([
-          { name: "list_releases", mutating: false, requiresFeature: "release" },
-          { name: "list_pipelines", mutating: false, requiresFeature: "pipeline" }
-        ])
-      ).toEqual([{ name: "list_pipelines", mutating: false, requiresFeature: "pipeline" }]);
-    });
-  });
-
-  describe("assertCanExecute", () => {
-    it("does not throw for enabled tools", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: false,
-        allowedTools: [],
-        enabledFeatures: defaultFeatures
-      });
-
-      expect(() => {
-        engine.assertCanExecute({ name: "any_tool", mutating: false });
-      }).not.toThrow();
-    });
-
-    it("throws for disabled tools in readonly mode", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: true,
-        allowedTools: [],
-        enabledFeatures: defaultFeatures
-      });
-
-      expect(() => {
-        engine.assertCanExecute({ name: "create_issue", mutating: true });
-      }).toThrow("disabled by policy");
-    });
-
-    it("throws for tools not in allowlist", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: false,
-        allowedTools: ["gitlab_get_project"],
-        enabledFeatures: defaultFeatures
-      });
-
-      expect(() => {
-        engine.assertCanExecute({ name: "gitlab_list_projects", mutating: false });
-      }).toThrow("disabled by policy");
-    });
-
-    it("throws for tools matching denied regex", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: false,
-        allowedTools: [],
-        deniedToolsRegex: /^gitlab_delete_/,
-        enabledFeatures: defaultFeatures
-      });
-
-      expect(() => {
-        engine.assertCanExecute({ name: "gitlab_delete_issue", mutating: true });
-      }).toThrow("disabled by policy");
-    });
-
-    it("throws for tools requiring disabled features", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: false,
-        allowedTools: [],
-        enabledFeatures: {
-          wiki: false,
-          milestone: true,
-          pipeline: true,
-          release: true
-        }
-      });
-
-      expect(() => {
-        engine.assertCanExecute({ name: "wiki_tool", mutating: false, requiresFeature: "wiki" });
-      }).toThrow("disabled by policy");
-    });
-  });
-
-  describe("isToolEnabled", () => {
-    it("returns true for unrestricted tools", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: false,
-        allowedTools: [],
-        enabledFeatures: defaultFeatures
-      });
-
-      expect(engine.isToolEnabled({ name: "any_tool", mutating: false })).toBe(true);
-    });
-
-    it("returns false for mutating tools in readonly mode", () => {
-      const engine = new ToolPolicyEngine({
-        readOnlyMode: true,
-        allowedTools: [],
-        enabledFeatures: defaultFeatures
-      });
-
-      expect(engine.isToolEnabled({ name: "create_something", mutating: true })).toBe(false);
-      expect(engine.isToolEnabled({ name: "read_something", mutating: false })).toBe(true);
-    });
-  });
-});