keryx 0.15.0 → 0.15.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/config/server/web.ts +1 -1
  2. package/initializers/mcp.ts +9 -3
  3. package/package.json +1 -1
  4. package/templates/scaffold/assets-index.html +21 -0
  5. package/util/scaffold.ts +4 -0
package/config/server/web.ts CHANGED
@@ -47,7 +47,7 @@ export const configServerWeb = {
47
47
  securityHeaders: {
48
48
  "Content-Security-Policy": await loadFromEnvIfSet(
49
49
  "WEB_SECURITY_CSP",
50
- "default-src 'self'",
50
+ "default-src 'self'; script-src 'self' https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net; font-src 'self' https://cdn.jsdelivr.net data:; img-src 'self' data: blob:; connect-src 'self'; worker-src blob:",
51
51
  ),
52
52
  "X-Content-Type-Options": await loadFromEnvIfSet(
53
53
  "WEB_SECURITY_CONTENT_TYPE_OPTIONS",
package/initializers/mcp.ts CHANGED
@@ -373,9 +373,9 @@ function createMcpServer(): McpServer {
373
373
  toolConfig.description = action.description;
374
374
  }
375
375
 
376
- if (action.inputs) {
377
- toolConfig.inputSchema = sanitizeSchemaForMcp(action.inputs);
378
- }
376
+ toolConfig.inputSchema = action.inputs
377
+ ? sanitizeSchemaForMcp(action.inputs)
378
+ : z4mini.strictObject({});
379
379
 
380
380
  mcpServer.registerTool(
381
381
  toolName,
@@ -601,6 +601,12 @@ function sanitizeSchemaForMcp(schema: any): any {
601
601
  return schema;
602
602
  }
603
603
 
604
+ // Empty object schemas should use strictObject to produce
605
+ // { type: "object", additionalProperties: false } per MCP spec
606
+ if (Object.entries(schema.shape as Record<string, any>).length === 0) {
607
+ return z4mini.strictObject({});
608
+ }
609
+
604
610
  const newShape: Record<string, any> = {};
605
611
  let needsSanitization = false;
606
612
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "keryx",
3
- "version": "0.15.0",
3
+ "version": "0.15.2",
4
4
  "module": "index.ts",
5
5
  "type": "module",
6
6
  "license": "MIT",
package/templates/scaffold/assets-index.html ADDED
@@ -0,0 +1,21 @@
1
+ <!doctype html>
2
+ <html>
3
+ <head>
4
+ <title>API Reference</title>
5
+ <meta charset="utf-8" />
6
+ <meta name="viewport" content="width=device-width, initial-scale=1" />
7
+ <style>
8
+ .scalar-api-references-footer {
9
+ display: none !important;
10
+ }
11
+ </style>
12
+ </head>
13
+ <body>
14
+ <script
15
+ id="api-reference"
16
+ data-url="/api/swagger"
17
+ data-configuration='{"darkMode":true,"hideClientButton":true,"hideDownloadButton":true,"hiddenClients":true,"authentication":{"preferredSecurityScheme":"sessionCookie"}}'
18
+ ></script>
19
+ <script src="https://cdn.jsdelivr.net/npm/@scalar/api-reference"></script>
20
+ </body>
21
+ </html>
package/util/scaffold.ts CHANGED
@@ -368,6 +368,10 @@ export async function scaffoldProject(
368
368
  await write(filePath, content);
369
369
  }
370
370
 
371
+ // --- Static assets (API documentation) ---
372
+ const swaggerHtml = await loadTemplate("assets-index.html");
373
+ await write("assets/index.html", swaggerHtml);
374
+
371
375
  // --- Example: auth actions (when db) or hello action (when no db) ---
372
376
 
373
377
  if (options.includeExample) {