gitlab-mcp 1.1.0 → 1.2.1

package/dist/lib/request-runtime.js

@@ -0,0 +1,323 @@
+import { exec as execCb } from "node:child_process";
+import * as fs from "node:fs/promises";
+import * as os from "node:os";
+import * as path from "node:path";
+import { promisify } from "node:util";
+import fetchCookie from "fetch-cookie";
+import { Cookie, CookieJar } from "tough-cookie";
+import { deriveGitLabBaseUrl, GitLabOAuthManager } from "./oauth.js";
+const execAsync = promisify(execCb);
+const DEFAULT_BROWSER_UA = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36";
+export class GitLabRequestRuntime {
+    env;
+    logger;
+    cookiePath;
+    warmupPath;
+    tokenFilePath;
+    tokenScript;
+    oauthManager;
+    fetchImpl = fetch;
+    cookieJar = null;
+    cookieMtime = 0;
+    cookieReloadLock = null;
+    warmedApiRoots = new Set();
+    cachedToken = null;
+    constructor(env, logger) {
+        this.env = env;
+        this.logger = logger;
+        this.cookiePath = resolveHomePath(env.GITLAB_AUTH_COOKIE_PATH);
+        this.warmupPath = normalizeWarmupPath(env.GITLAB_COOKIE_WARMUP_PATH);
+        this.tokenFilePath = resolveHomePath(env.GITLAB_TOKEN_FILE);
+        this.tokenScript = env.GITLAB_TOKEN_SCRIPT?.trim() || undefined;
+        if (env.GITLAB_USE_OAUTH && env.GITLAB_OAUTH_CLIENT_ID) {
+            this.oauthManager = new GitLabOAuthManager({
+                clientId: env.GITLAB_OAUTH_CLIENT_ID,
+                clientSecret: env.GITLAB_OAUTH_CLIENT_SECRET,
+                gitlabUrl: env.GITLAB_OAUTH_GITLAB_URL || deriveGitLabBaseUrl(env.GITLAB_API_URL),
+                redirectUri: env.GITLAB_OAUTH_REDIRECT_URI || "http://127.0.0.1:8765/callback",
+                scopes: parseOauthScopes(env.GITLAB_OAUTH_SCOPES),
+                tokenStoragePath: resolveHomePath(env.GITLAB_OAUTH_TOKEN_PATH),
+                autoOpenBrowser: env.GITLAB_OAUTH_AUTO_OPEN_BROWSER
+            }, this.logger);
+        }
+    }
+    async beforeRequest(context) {
+        await this.reloadCookiesIfChanged();
+        const headers = new Headers(context.headers);
+        this.applyCompatibilityHeaders(headers);
+        let token = context.token;
+        let authHeader = context.authHeader;
+        if (!token) {
+            const resolvedFallback = await this.resolveFallbackAuth();
+            token = resolvedFallback.token;
+            if (!authHeader && resolvedFallback.authHeader) {
+                authHeader = resolvedFallback.authHeader;
+            }
+        }
+        if (this.cookieJar) {
+            await this.ensureSessionWarmup(context.url, headers, token);
+        }
+        return {
+            headers,
+            token,
+            authHeader,
+            fetchImpl: this.fetchImpl
+        };
+    }
+    async resolveFallbackAuth() {
+        const now = Date.now();
+        if (this.cachedToken && this.cachedToken.expiresAt > now) {
+            return { token: this.cachedToken.value };
+        }
+        if (this.oauthManager) {
+            const token = await this.oauthManager.getAccessToken();
+            if (token) {
+                return {
+                    token,
+                    authHeader: "authorization"
+                };
+            }
+        }
+        if (this.tokenScript) {
+            const token = await this.loadTokenFromScript(this.tokenScript);
+            if (token) {
+                const ttlMs = this.env.GITLAB_TOKEN_CACHE_SECONDS * 1000;
+                this.cachedToken = {
+                    value: token,
+                    expiresAt: now + ttlMs
+                };
+            }
+            return { token };
+        }
+        if (this.tokenFilePath) {
+            const token = await this.loadTokenFromFile(this.tokenFilePath);
+            if (token) {
+                const ttlMs = this.env.GITLAB_TOKEN_CACHE_SECONDS * 1000;
+                this.cachedToken = {
+                    value: token,
+                    expiresAt: now + ttlMs
+                };
+            }
+            return { token };
+        }
+        return {};
+    }
+    async loadTokenFromScript(script) {
+        try {
+            const { stdout } = await execAsync(script, {
+                timeout: this.env.GITLAB_TOKEN_SCRIPT_TIMEOUT_MS,
+                maxBuffer: 1024 * 1024
+            });
+            return parseTokenOutput(stdout);
+        }
+        catch (error) {
+            this.logger.warn({ err: error }, "Failed to execute GITLAB_TOKEN_SCRIPT");
+            return undefined;
+        }
+    }
+    async loadTokenFromFile(tokenFilePath) {
+        try {
+            const stat = await fs.stat(tokenFilePath);
+            // Group/other bits on token files are rejected unless explicitly allowed.
+            if ((stat.mode & 0o077) !== 0 && !this.env.GITLAB_ALLOW_INSECURE_TOKEN_FILE) {
+                throw new Error(`Token file '${tokenFilePath}' is too permissive. Set chmod 600 or GITLAB_ALLOW_INSECURE_TOKEN_FILE=true.`);
+            }
+            const content = (await fs.readFile(tokenFilePath, "utf8")).trim();
+            return parseTokenOutput(content);
+        }
+        catch (error) {
+            this.logger.warn({ err: error, tokenFilePath }, "Failed to read GITLAB_TOKEN_FILE");
+            return undefined;
+        }
+    }
+    applyCompatibilityHeaders(headers) {
+        const userAgent = this.env.GITLAB_USER_AGENT?.trim() ||
+            (this.env.GITLAB_CLOUDFLARE_BYPASS ? DEFAULT_BROWSER_UA : undefined);
+        if (userAgent && !headers.has("User-Agent")) {
+            headers.set("User-Agent", userAgent);
+        }
+        if (this.env.GITLAB_CLOUDFLARE_BYPASS) {
+            if (!headers.has("Accept-Language")) {
+                headers.set("Accept-Language", this.env.GITLAB_ACCEPT_LANGUAGE || "en-US,en;q=0.9");
+            }
+            if (!headers.has("Cache-Control")) {
+                headers.set("Cache-Control", "no-cache");
+            }
+            if (!headers.has("Pragma")) {
+                headers.set("Pragma", "no-cache");
+            }
+        }
+    }
+    async reloadCookiesIfChanged() {
+        if (!this.cookiePath) {
+            return;
+        }
+        if (this.cookieReloadLock) {
+            await this.cookieReloadLock;
+            return;
+        }
+        this.cookieReloadLock = (async () => {
+            try {
+                const stat = await fs.stat(this.cookiePath);
+                if (stat.mtimeMs === this.cookieMtime) {
+                    return;
+                }
+                const cookieContent = await fs.readFile(this.cookiePath, "utf8");
+                const jar = createCookieJarFromNetscape(cookieContent);
+                this.cookieJar = jar;
+                this.fetchImpl = fetchCookie(fetch, jar);
+                this.cookieMtime = stat.mtimeMs;
+                this.warmedApiRoots.clear();
+                this.logger.info({ cookiePath: this.cookiePath }, "Loaded auth cookies");
+            }
+            catch (error) {
+                if (this.cookieJar) {
+                    this.logger.warn({ err: error, cookiePath: this.cookiePath }, "Clearing auth cookies");
+                }
+                this.cookieJar = null;
+                this.fetchImpl = fetch;
+                this.cookieMtime = 0;
+                this.warmedApiRoots.clear();
+            }
+        })();
+        try {
+            await this.cookieReloadLock;
+        }
+        finally {
+            this.cookieReloadLock = null;
+        }
+    }
+    async ensureSessionWarmup(url, headers, token) {
+        const apiRoot = resolveApiRoot(url);
+        if (!apiRoot) {
+            return;
+        }
+        const apiRootKey = `${url.origin}${apiRoot}`;
+        if (this.warmedApiRoots.has(apiRootKey)) {
+            return;
+        }
+        const warmupUrl = new URL(`${apiRoot}${this.warmupPath}`, url.origin);
+        const warmupHeaders = new Headers(headers);
+        if (!warmupHeaders.has("Accept")) {
+            warmupHeaders.set("Accept", "application/json");
+        }
+        if (token && !warmupHeaders.has("PRIVATE-TOKEN")) {
+            warmupHeaders.set("PRIVATE-TOKEN", token);
+        }
+        try {
+            const response = await this.fetchImpl(warmupUrl, {
+                method: "GET",
+                headers: warmupHeaders,
+                redirect: "follow",
+                signal: AbortSignal.timeout(Math.min(this.env.GITLAB_HTTP_TIMEOUT_MS, 12_000))
+            });
+            if (response.status < 500) {
+                this.warmedApiRoots.add(apiRootKey);
+            }
+        }
+        catch (error) {
+            this.logger.debug({ err: error, warmupUrl: warmupUrl.toString() }, "Cookie warmup failed");
+        }
+    }
+}
+function resolveHomePath(input) {
+    if (!input) {
+        return undefined;
+    }
+    if (input.startsWith("~/")) {
+        return path.join(os.homedir(), input.slice(2));
+    }
+    return input;
+}
+function normalizeWarmupPath(value) {
+    const trimmed = value.trim();
+    if (!trimmed) {
+        return "/user";
+    }
+    return trimmed.startsWith("/") ? trimmed : `/${trimmed}`;
+}
+function resolveApiRoot(url) {
+    const match = url.pathname.match(/^(.*\/api\/v4)(?:\/|$)/);
+    return match?.[1];
+}
+function createCookieJarFromNetscape(content) {
+    const jar = new CookieJar();
+    const lines = content.split("\n");
+    for (let raw of lines) {
+        let httpOnly = false;
+        if (raw.startsWith("#HttpOnly_")) {
+            raw = raw.slice("#HttpOnly_".length);
+            httpOnly = true;
+        }
+        if (!raw.trim() || raw.startsWith("#")) {
+            continue;
+        }
+        const parts = raw.split("\t");
+        if (parts.length < 7) {
+            continue;
+        }
+        const domain = parts[0];
+        const cookiePath = parts[2];
+        const secure = parts[3];
+        const expires = parts[4];
+        const name = parts[5];
+        const value = parts[6];
+        if (domain === undefined ||
+            cookiePath === undefined ||
+            secure === undefined ||
+            expires === undefined ||
+            name === undefined ||
+            value === undefined) {
+            continue;
+        }
+        const secureFlag = secure === "TRUE" ? "; Secure" : "";
+        const httpOnlyFlag = httpOnly ? "; HttpOnly" : "";
+        const expiresFlag = expires === "0"
+            ? ""
+            : `; Expires=${new Date(Number.parseInt(expires, 10) * 1000).toUTCString()}`;
+        const cookieString = `${name}=${value}; Domain=${domain}; Path=${cookiePath}${secureFlag}${httpOnlyFlag}${expiresFlag}`;
+        const cookie = Cookie.parse(cookieString);
+        if (!cookie) {
+            continue;
+        }
+        const normalizedDomain = domain.startsWith(".") ? domain.slice(1) : domain;
+        const targetUrl = `${secure === "TRUE" ? "https" : "http"}://${normalizedDomain}`;
+        try {
+            jar.setCookieSync(cookie, targetUrl);
+        }
+        catch {
+            // ignore invalid cookies from external files
+        }
+    }
+    return jar;
+}
+function parseTokenOutput(rawOutput) {
+    const output = rawOutput.trim();
+    if (!output) {
+        return undefined;
+    }
+    try {
+        const parsed = JSON.parse(output);
+        const token = getStringField(parsed, "token") ||
+            getStringField(parsed, "access_token") ||
+            getStringField(parsed, "private_token");
+        if (token) {
+            return token;
+        }
+    }
+    catch {
+        // Plain string output is valid.
+    }
+    return output.split(/\r?\n/, 1)[0]?.trim() || undefined;
+}
+function getStringField(record, key) {
+    const value = record[key];
+    return typeof value === "string" && value.trim().length > 0 ? value.trim() : undefined;
+}
+function parseOauthScopes(rawScopes) {
+    return rawScopes
+        .split(/[,\s]+/)
+        .map((scope) => scope.trim())
+        .filter((scope) => scope.length > 0);
+}
+//# sourceMappingURL=request-runtime.js.map

package/dist/lib/request-runtime.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"request-runtime.js","sourceRoot":"","sources":["../../src/lib/request-runtime.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,IAAI,MAAM,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACvC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAEtC,OAAO,WAAW,MAAM,cAAc,CAAC;AAEvC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAIjD,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAErE,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;AACpC,MAAM,kBAAkB,GACtB,uHAAuH,CAAC;AAY1H,MAAM,OAAO,oBAAoB;IAeZ;IACA;IAfF,UAAU,CAAU;IACpB,UAAU,CAAS;IACnB,aAAa,CAAU;IACvB,WAAW,CAAU;IACrB,YAAY,CAAsB;IAE3C,SAAS,GAAiB,KAAK,CAAC;IAChC,SAAS,GAAqB,IAAI,CAAC;IACnC,WAAW,GAAG,CAAC,CAAC;IAChB,gBAAgB,GAAyB,IAAI,CAAC;IACrC,cAAc,GAAG,IAAI,GAAG,EAAU,CAAC;IAC5C,WAAW,GAAsB,IAAI,CAAC;IAE9C,YACmB,GAAW,EACX,MAAc;QADd,QAAG,GAAH,GAAG,CAAQ;QACX,WAAM,GAAN,MAAM,CAAQ;QAE/B,IAAI,CAAC,UAAU,GAAG,eAAe,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;QAC/D,IAAI,CAAC,UAAU,GAAG,mBAAmB,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;QACrE,IAAI,CAAC,aAAa,GAAG,eAAe,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAC5D,IAAI,CAAC,WAAW,GAAG,GAAG,CAAC,mBAAmB,EAAE,IAAI,EAAE,IAAI,SAAS,CAAC;QAEhE,IAAI,GAAG,CAAC,gBAAgB,IAAI,GAAG,CAAC,sBAAsB,EAAE,CAAC;YACvD,IAAI,CAAC,YAAY,GAAG,IAAI,kBAAkB,CACxC;gBACE,QAAQ,EAAE,GAAG,CAAC,sBAAsB;gBACpC,YAAY,EAAE,GAAG,CAAC,0BAA0B;gBAC5C,SAAS,EAAE,GAAG,CAAC,uBAAuB,IAAI,mBAAmB,CAAC,GAAG,CAAC,cAAc,CAAC;gBACjF,WAAW,EAAE,GAAG,CAAC,yBAAyB,IAAI,gCAAgC;gBAC9E,MAAM,EAAE,gBAAgB,CAAC,GAAG,CAAC,mBAAmB,CAAC;gBACjD,gBAAgB,EAAE,eAAe,CAAC,GAAG,CAAC,uBAAuB,CAAC;gBAC9D,eAAe,EAAE,GAAG,CAAC,8BAA8B;aACpD,EACD,IAAI,CAAC,MAAM,CACZ,CAAC;QACJ,CAAC;IACH,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,OAAmC;QACrD,MAAM,IAAI,CAAC,sBAAsB,EAAE,CAAC;QAEpC,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC7C,IAAI,CAAC,yBAAyB,CAAC,OAAO,CAAC,CAAC;QAExC,IAAI,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;QAC1B,IAAI,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;QACpC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC;YAC1D,KAAK,GAAG,gBAAgB,CAAC,KAAK,CAAC;YAC/B,IAAI,CAAC,UAAU,IAAI,gBAAgB,CAAC,UAAU,EAAE,CAAC;gBAC/C,UAAU,GAAG,gBAAgB,CAAC,UAAU,CAAC;YAC3C,CAAC;QACH,CAAC;QAED,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,GAAG,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;QAC9D,CAAC;QAED,OAAO;YACL,OAAO;YACP,KAAK;YACL,UAAU;YACV,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,mBAAmB;QAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,IAAI,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,WAAW,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC;YACzD,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;QAC3C,CAAC;QAED,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACtB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,cAAc,EAAE,CAAC;YACvD,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO;oBACL,KAAK;oBACL,UAAU,EAAE,eAAe;iBAC5B,CAAC;YACJ,CAAC;QACH,CAAC;QAED,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YAC/D,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,0BAA0B,GAAG,IAAI,CAAC;gBACzD,IAAI,CAAC,WAAW,GAAG;oBACjB,KAAK,EAAE,KAAK;oBACZ,SAAS,EAAE,GAAG,GAAG,KAAK;iBACvB,CAAC;YACJ,CAAC;YACD,OAAO,EAAE,KAAK,EAAE,CAAC;QACnB,CAAC;QAED,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAC/D,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,0BAA0B,GAAG,IAAI,CAAC;gBACzD,IAAI,CAAC,WAAW,GAAG;oBACjB,KAAK,EAAE,KAAK;oBACZ,SAAS,EAAE,GAAG,GAAG,KAAK;iBACvB,CAAC;YACJ,CAAC;YACD,OAAO,EAAE,KAAK,EAAE,CAAC;QACnB,CAAC;QAED,OAAO,EAAE,CAAC;IACZ,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAAC,MAAc;QAC9C,IAAI,CAAC;YACH,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,SAAS,CAAC,MAAM,EAAE;gBACzC,OAAO,EAAE,IAAI,CAAC,GAAG,CAAC,8BAA8B;gBAChD,SAAS,EAAE,IAAI,GAAG,IAAI;aACvB,CAAC,CAAC;YAEH,OAAO,gBAAgB,CAAC,MAAM,CAAC,CAAC;QAClC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,uCAAuC,CAAC,CAAC;YAC1E,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,iBAAiB,CAAC,aAAqB;QACnD,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAE1C,0EAA0E;YAC1E,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,gCAAgC,EAAE,CAAC;gBAC5E,MAAM,IAAI,KAAK,CACb,eAAe,aAAa,8EAA8E,CAC3G,CAAC;YACJ,CAAC;YAED,MAAM,OAAO,GAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAClE,OAAO,gBAAgB,CAAC,OAAO,CAAC,CAAC;QACnC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,aAAa,EAAE,EAAE,kCAAkC,CAAC,CAAC;YACpF,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IAEO,yBAAyB,CAAC,OAAgB;QAChD,MAAM,SAAS,GACb,IAAI,CAAC,GAAG,CAAC,iBAAiB,EAAE,IAAI,EAAE;YAClC,CAAC,IAAI,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QACvE,IAAI,SAAS,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;YAC5C,OAAO,CAAC,GAAG,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QACvC,CAAC;QAED,IAAI,IAAI,CAAC,GAAG,CAAC,wBAAwB,EAAE,CAAC;YACtC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,EAAE,CAAC;gBACpC,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,IAAI,CAAC,GAAG,CAAC,sBAAsB,IAAI,gBAAgB,CAAC,CAAC;YACtF,CAAC;YACD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC;gBAClC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;YAC3C,CAAC;YACD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC3B,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;YACpC,CAAC;QACH,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,sBAAsB;QAClC,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrB,OAAO;QACT,CAAC;QAED,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC1B,MAAM,IAAI,CAAC,gBAAgB,CAAC;YAC5B,OAAO;QACT,CAAC;QAED,IAAI,CAAC,gBAAgB,GAAG,CAAC,KAAK,IAAI,EAAE;YAClC,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,UAAW,CAAC,CAAC;gBAC7C,IAAI,IAAI,CAAC,OAAO,KAAK,IAAI,CAAC,WAAW,EAAE,CAAC;oBACtC,OAAO;gBACT,CAAC;gBAED,MAAM,aAAa,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAW,EAAE,MAAM,CAAC,CAAC;gBAClE,MAAM,GAAG,GAAG,2BAA2B,CAAC,aAAa,CAAC,CAAC;gBACvD,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC;gBACrB,IAAI,CAAC,SAAS,GAAG,WAAW,CAAC,KAAK,EAAE,GAAG,CAA4B,CAAC;gBACpE,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC;gBAChC,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,CAAC;gBAC5B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAE,EAAE,qBAAqB,CAAC,CAAC;YAC3E,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;oBACnB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAE,EAAE,uBAAuB,CAAC,CAAC;gBACzF,CAAC;gBACD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;gBACtB,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC;gBACvB,IAAI,CAAC,WAAW,GAAG,CAAC,CAAC;gBACrB,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,CAAC;YAC9B,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QAEL,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,gBAAgB,CAAC;QAC9B,CAAC;gBAAS,CAAC;YACT,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC;QAC/B,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAAC,GAAQ,EAAE,OAAgB,EAAE,KAAc;QAC1E,MAAM,OAAO,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO;QACT,CAAC;QACD,MAAM,UAAU,GAAG,GAAG,GAAG,CAAC,MAAM,GAAG,OAAO,EAAE,CAAC;QAC7C,IAAI,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;YACxC,OAAO;QACT,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,OAAO,GAAG,IAAI,CAAC,UAAU,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;QACtE,MAAM,aAAa,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC;QAC3C,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjC,aAAa,CAAC,GAAG,CAAC,QAAQ,EAAE,kBAAkB,CAAC,CAAC;QAClD,CAAC;QACD,IAAI,KAAK,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC;YACjD,aAAa,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;QAC5C,CAAC;QAED,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE;gBAC/C,MAAM,EAAE,KAAK;gBACb,OAAO,EAAE,aAAa;gBACtB,QAAQ,EAAE,QAAQ;gBAClB,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,sBAAsB,EAAE,MAAM,CAAC,CAAC;aAC/E,CAAC,CAAC;YAEH,IAAI,QAAQ,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;gBAC1B,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YACtC,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,EAAE,sBAAsB,CAAC,CAAC;QAC7F,CAAC;IACH,CAAC;CACF;AAED,SAAS,eAAe,CAAC,KAAc;IACrC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,IAAI,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QAC3B,OAAO,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACjD,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,mBAAmB,CAAC,KAAa;IACxC,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAC7B,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,OAAO,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,OAAO,EAAE,CAAC;AAC3D,CAAC;AAED,SAAS,cAAc,CAAC,GAAQ;IAC9B,MAAM,KAAK,GAAG,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC3D,OAAO,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC;AACpB,CAAC;AAED,SAAS,2BAA2B,CAAC,OAAe;IAClD,MAAM,GAAG,GAAG,IAAI,SAAS,EAAE,CAAC;IAC5B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,GAAG,IAAI,KAAK,EAAE,CAAC;QACtB,IAAI,QAAQ,GAAG,KAAK,CAAC;QACrB,IAAI,GAAG,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YACjC,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;YACrC,QAAQ,GAAG,IAAI,CAAC;QAClB,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACvC,SAAS;QACX,CAAC;QAED,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC9B,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,SAAS;QACX,CAAC;QAED,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACxB,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAC5B,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACxB,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACzB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IACE,MAAM,KAAK,SAAS;YACpB,UAAU,KAAK,SAAS;YACxB,MAAM,KAAK,SAAS;YACpB,OAAO,KAAK,SAAS;YACrB,IAAI,KAAK,SAAS;YAClB,KAAK,KAAK,SAAS,EACnB,CAAC;YACD,SAAS;QACX,CAAC;QACD,MAAM,UAAU,GAAG,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;QACvD,MAAM,YAAY,GAAG,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC;QAClD,MAAM,WAAW,GACf,OAAO,KAAK,GAAG;YACb,CAAC,CAAC,EAAE;YACJ,CAAC,CAAC,aAAa,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;QAEjF,MAAM,YAAY,GAAG,GAAG,IAAI,IAAI,KAAK,YAAY,MAAM,UAAU,UAAU,GAAG,UAAU,GAAG,YAAY,GAAG,WAAW,EAAE,CAAC;QACxH,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QAC1C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,SAAS;QACX,CAAC;QAED,MAAM,gBAAgB,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;QAC3E,MAAM,SAAS,GAAG,GAAG,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,MAAM,gBAAgB,EAAE,CAAC;QAClF,IAAI,CAAC;YACH,GAAG,CAAC,aAAa,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;QACvC,CAAC;QAAC,MAAM,CAAC;YACP,6CAA6C;QAC/C,CAAC;IACH,CAAC;IAED,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,gBAAgB,CAAC,SAAiB;IACzC,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,EAAE,CAAC;IAChC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAA4B,CAAC;QAC7D,MAAM,KAAK,GACT,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC;YAC/B,cAAc,CAAC,MAAM,EAAE,cAAc,CAAC;YACtC,cAAc,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;QAC1C,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,gCAAgC;IAClC,CAAC;IAED,OAAO,MAAM,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,SAAS,CAAC;AAC1D,CAAC;AAED,SAAS,cAAc,CAAC,MAA+B,EAAE,GAAW;IAClE,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;IAC1B,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;AACzF,CAAC;AAED,SAAS,gBAAgB,CAAC,SAAiB;IACzC,OAAO,SAAS;SACb,KAAK,CAAC,QAAQ,CAAC;SACf,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;SAC5B,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AACzC,CAAC"}

package/dist/lib/sanitize.d.ts

@@ -0,0 +1 @@
+export declare function stripNullsDeep<T>(value: T): T;

package/dist/lib/sanitize.js

@@ -0,0 +1,21 @@
+export function stripNullsDeep(value) {
+    if (value === null) {
+        return undefined;
+    }
+    if (Array.isArray(value)) {
+        return value.map((item) => stripNullsDeep(item)).filter((item) => item !== undefined);
+    }
+    if (typeof value === "object" && value !== undefined) {
+        const input = value;
+        const output = {};
+        for (const [key, item] of Object.entries(input)) {
+            const normalized = stripNullsDeep(item);
+            if (normalized !== undefined) {
+                output[key] = normalized;
+            }
+        }
+        return output;
+    }
+    return value;
+}
+//# sourceMappingURL=sanitize.js.map

package/dist/lib/sanitize.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitize.js","sourceRoot":"","sources":["../../src/lib/sanitize.ts"],"names":[],"mappings":"AAAA,MAAM,UAAU,cAAc,CAAI,KAAQ;IACxC,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QACnB,OAAO,SAAc,CAAC;IACxB,CAAC;IAED,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,KAAK,SAAS,CAAM,CAAC;IAC7F,CAAC;IAED,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;QACrD,MAAM,KAAK,GAAG,KAAgC,CAAC;QAC/C,MAAM,MAAM,GAA4B,EAAE,CAAC;QAE3C,KAAK,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAChD,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC;YACxC,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;gBAC7B,MAAM,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC;YAC3B,CAAC;QACH,CAAC;QAED,OAAO,MAAW,CAAC;IACrB,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC"}

package/dist/lib/session-capacity.d.ts

@@ -0,0 +1,8 @@
+export interface SessionCapacityInput {
+    streamableSessions: number;
+    pendingSessions: number;
+    sseSessions: number;
+    maxSessions: number;
+}
+export declare function getTotalSessions(input: SessionCapacityInput): number;
+export declare function hasReachedSessionCapacity(input: SessionCapacityInput): boolean;

package/dist/lib/session-capacity.js

@@ -0,0 +1,7 @@
+export function getTotalSessions(input) {
+    return input.streamableSessions + input.pendingSessions + input.sseSessions;
+}
+export function hasReachedSessionCapacity(input) {
+    return getTotalSessions(input) >= input.maxSessions;
+}
+//# sourceMappingURL=session-capacity.js.map

package/dist/lib/session-capacity.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session-capacity.js","sourceRoot":"","sources":["../../src/lib/session-capacity.ts"],"names":[],"mappings":"AAOA,MAAM,UAAU,gBAAgB,CAAC,KAA2B;IAC1D,OAAO,KAAK,CAAC,kBAAkB,GAAG,KAAK,CAAC,eAAe,GAAG,KAAK,CAAC,WAAW,CAAC;AAC9E,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAC,KAA2B;IACnE,OAAO,gBAAgB,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,WAAW,CAAC;AACtD,CAAC"}

package/dist/server/build-server.d.ts

@@ -0,0 +1,3 @@
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import type { AppContext } from "../types/context.js";
+export declare function createMcpServer(context: AppContext): McpServer;

package/dist/server/build-server.js

@@ -0,0 +1,13 @@
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { registerGitLabTools } from "../tools/gitlab.js";
+import { registerHealthTool } from "../tools/health.js";
+export function createMcpServer(context) {
+    const server = new McpServer({
+        name: context.env.MCP_SERVER_NAME,
+        version: context.env.MCP_SERVER_VERSION
+    });
+    registerHealthTool(server);
+    registerGitLabTools(server, context);
+    return server;
+}
+//# sourceMappingURL=build-server.js.map

package/dist/server/build-server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"build-server.js","sourceRoot":"","sources":["../../src/server/build-server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAEpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AACzD,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAGxD,MAAM,UAAU,eAAe,CAAC,OAAmB;IACjD,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;QAC3B,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe;QACjC,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB;KACxC,CAAC,CAAC;IAEH,kBAAkB,CAAC,MAAM,CAAC,CAAC;IAC3B,mBAAmB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAErC,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/tools/gitlab.d.ts

@@ -0,0 +1,9 @@
+import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import type { AppContext } from "../types/context.js";
+export declare function registerGitLabTools(server: McpServer, context: AppContext): void;
+export declare function containsGraphqlMutation(query: string): boolean;
+export declare function parseProjectUploadReference(input: string): {
+    secret: string;
+    filename: string;
+} | undefined;
+export declare function shouldDisableGraphqlTools(allowedProjectIds: string[], allowGraphqlWithProjectScope: boolean): boolean;