npm - kiri-mcp-server - Versions diffs - 0.2.0 - Mend

kiri-mcp-server 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (212) hide show

package/LICENSE +21 -0
package/README.md +399 -0
package/config/default.example.yml +12 -0
package/config/denylist.yml +15 -0
package/config/scoring-profiles.yml +37 -0
package/config/security.yml +10 -0
package/dist/client/cli.js +68 -0
package/dist/client/cli.js.map +1 -0
package/dist/client/index.js +5 -0
package/dist/client/index.js.map +1 -0
package/dist/config/default.example.yml +12 -0
package/dist/config/denylist.yml +15 -0
package/dist/config/scoring-profiles.yml +37 -0
package/dist/config/security.yml +10 -0
package/dist/eval/metrics.js +47 -0
package/dist/eval/metrics.js.map +1 -0
package/dist/indexer/cli.js +362 -0
package/dist/indexer/cli.js.map +1 -0
package/dist/indexer/codeintel.js +182 -0
package/dist/indexer/codeintel.js.map +1 -0
package/dist/indexer/git.js +30 -0
package/dist/indexer/git.js.map +1 -0
package/dist/indexer/language.js +34 -0
package/dist/indexer/language.js.map +1 -0
package/dist/indexer/pipeline/filters/denylist.js +71 -0
package/dist/indexer/pipeline/filters/denylist.js.map +1 -0
package/dist/indexer/schema.js +101 -0
package/dist/indexer/schema.js.map +1 -0
package/dist/package.json +93 -0
package/dist/server/bootstrap.js +19 -0
package/dist/server/bootstrap.js.map +1 -0
package/dist/server/context.js +2 -0
package/dist/server/context.js.map +1 -0
package/dist/server/fallbacks/degradeController.js +69 -0
package/dist/server/fallbacks/degradeController.js.map +1 -0
package/dist/server/handlers.js +800 -0
package/dist/server/handlers.js.map +1 -0
package/dist/server/main.js +151 -0
package/dist/server/main.js.map +1 -0
package/dist/server/observability/metrics.js +56 -0
package/dist/server/observability/metrics.js.map +1 -0
package/dist/server/observability/tracing.js +58 -0
package/dist/server/observability/tracing.js.map +1 -0
package/dist/server/rpc.js +477 -0
package/dist/server/rpc.js.map +1 -0
package/dist/server/runtime.js +47 -0
package/dist/server/runtime.js.map +1 -0
package/dist/server/scoring.js +111 -0
package/dist/server/scoring.js.map +1 -0
package/dist/server/stdio.js +76 -0
package/dist/server/stdio.js.map +1 -0
package/dist/shared/duckdb.js +121 -0
package/dist/shared/duckdb.js.map +1 -0
package/dist/shared/embedding.js +85 -0
package/dist/shared/embedding.js.map +1 -0
package/dist/shared/index.js +9 -0
package/dist/shared/index.js.map +1 -0
package/dist/shared/security/config.js +64 -0
package/dist/shared/security/config.js.map +1 -0
package/dist/shared/security/masker.js +56 -0
package/dist/shared/security/masker.js.map +1 -0
package/dist/shared/tokenizer.js +5 -0
package/dist/shared/tokenizer.js.map +1 -0
package/dist/shared/utils/simpleYaml.js +90 -0
package/dist/shared/utils/simpleYaml.js.map +1 -0
package/dist/sql/schema.sql +6 -0
package/dist/src/client/cli.d.ts +3 -0
package/dist/src/client/cli.d.ts.map +1 -0
package/dist/src/client/cli.js +68 -0
package/dist/src/client/cli.js.map +1 -0
package/dist/src/client/index.d.ts +5 -0
package/dist/src/client/index.d.ts.map +1 -0
package/dist/src/client/index.js +5 -0
package/dist/src/client/index.js.map +1 -0
package/dist/src/client/proxy.d.ts +9 -0
package/dist/src/client/proxy.d.ts.map +1 -0
package/dist/src/client/proxy.js +198 -0
package/dist/src/client/proxy.js.map +1 -0
package/dist/src/client/start-daemon.d.ts +30 -0
package/dist/src/client/start-daemon.d.ts.map +1 -0
package/dist/src/client/start-daemon.js +175 -0
package/dist/src/client/start-daemon.js.map +1 -0
package/dist/src/daemon/daemon.d.ts +9 -0
package/dist/src/daemon/daemon.d.ts.map +1 -0
package/dist/src/daemon/daemon.js +149 -0
package/dist/src/daemon/daemon.js.map +1 -0
package/dist/src/daemon/lifecycle.d.ts +101 -0
package/dist/src/daemon/lifecycle.d.ts.map +1 -0
package/dist/src/daemon/lifecycle.js +266 -0
package/dist/src/daemon/lifecycle.js.map +1 -0
package/dist/src/daemon/socket.d.ts +26 -0
package/dist/src/daemon/socket.d.ts.map +1 -0
package/dist/src/daemon/socket.js +132 -0
package/dist/src/daemon/socket.js.map +1 -0
package/dist/src/eval/metrics.d.ts +23 -0
package/dist/src/eval/metrics.d.ts.map +1 -0
package/dist/src/eval/metrics.js +47 -0
package/dist/src/eval/metrics.js.map +1 -0
package/dist/src/index.d.ts +11 -0
package/dist/src/index.d.ts.map +1 -0
package/dist/src/index.js +11 -0
package/dist/src/index.js.map +1 -0
package/dist/src/indexer/cli.d.ts +9 -0
package/dist/src/indexer/cli.d.ts.map +1 -0
package/dist/src/indexer/cli.js +402 -0
package/dist/src/indexer/cli.js.map +1 -0
package/dist/src/indexer/codeintel.d.ts +28 -0
package/dist/src/indexer/codeintel.d.ts.map +1 -0
package/dist/src/indexer/codeintel.js +451 -0
package/dist/src/indexer/codeintel.js.map +1 -0
package/dist/src/indexer/git.d.ts +4 -0
package/dist/src/indexer/git.d.ts.map +1 -0
package/dist/src/indexer/git.js +30 -0
package/dist/src/indexer/git.js.map +1 -0
package/dist/src/indexer/language.d.ts +2 -0
package/dist/src/indexer/language.d.ts.map +1 -0
package/dist/src/indexer/language.js +34 -0
package/dist/src/indexer/language.js.map +1 -0
package/dist/src/indexer/pipeline/filters/denylist.d.ts +10 -0
package/dist/src/indexer/pipeline/filters/denylist.d.ts.map +1 -0
package/dist/src/indexer/pipeline/filters/denylist.js +71 -0
package/dist/src/indexer/pipeline/filters/denylist.js.map +1 -0
package/dist/src/indexer/schema.d.ts +9 -0
package/dist/src/indexer/schema.d.ts.map +1 -0
package/dist/src/indexer/schema.js +125 -0
package/dist/src/indexer/schema.js.map +1 -0
package/dist/src/indexer/watch.d.ts +97 -0
package/dist/src/indexer/watch.d.ts.map +1 -0
package/dist/src/indexer/watch.js +264 -0
package/dist/src/indexer/watch.js.map +1 -0
package/dist/src/server/bootstrap.d.ts +11 -0
package/dist/src/server/bootstrap.d.ts.map +1 -0
package/dist/src/server/bootstrap.js +19 -0
package/dist/src/server/bootstrap.js.map +1 -0
package/dist/src/server/context.d.ts +9 -0
package/dist/src/server/context.d.ts.map +1 -0
package/dist/src/server/context.js +2 -0
package/dist/src/server/context.js.map +1 -0
package/dist/src/server/fallbacks/degradeController.d.ts +24 -0
package/dist/src/server/fallbacks/degradeController.d.ts.map +1 -0
package/dist/src/server/fallbacks/degradeController.js +135 -0
package/dist/src/server/fallbacks/degradeController.js.map +1 -0
package/dist/src/server/handlers.d.ts +105 -0
package/dist/src/server/handlers.d.ts.map +1 -0
package/dist/src/server/handlers.js +954 -0
package/dist/src/server/handlers.js.map +1 -0
package/dist/src/server/indexBootstrap.d.ts +13 -0
package/dist/src/server/indexBootstrap.d.ts.map +1 -0
package/dist/src/server/indexBootstrap.js +109 -0
package/dist/src/server/indexBootstrap.js.map +1 -0
package/dist/src/server/main.d.ts +10 -0
package/dist/src/server/main.d.ts.map +1 -0
package/dist/src/server/main.js +217 -0
package/dist/src/server/main.js.map +1 -0
package/dist/src/server/observability/metrics.d.ts +35 -0
package/dist/src/server/observability/metrics.d.ts.map +1 -0
package/dist/src/server/observability/metrics.js +70 -0
package/dist/src/server/observability/metrics.js.map +1 -0
package/dist/src/server/observability/tracing.d.ts +3 -0
package/dist/src/server/observability/tracing.d.ts.map +1 -0
package/dist/src/server/observability/tracing.js +58 -0
package/dist/src/server/observability/tracing.js.map +1 -0
package/dist/src/server/rpc.d.ts +39 -0
package/dist/src/server/rpc.d.ts.map +1 -0
package/dist/src/server/rpc.js +551 -0
package/dist/src/server/rpc.js.map +1 -0
package/dist/src/server/runtime.d.ts +21 -0
package/dist/src/server/runtime.d.ts.map +1 -0
package/dist/src/server/runtime.js +59 -0
package/dist/src/server/runtime.js.map +1 -0
package/dist/src/server/scoring.d.ts +20 -0
package/dist/src/server/scoring.d.ts.map +1 -0
package/dist/src/server/scoring.js +112 -0
package/dist/src/server/scoring.js.map +1 -0
package/dist/src/server/stdio.d.ts +4 -0
package/dist/src/server/stdio.d.ts.map +1 -0
package/dist/src/server/stdio.js +88 -0
package/dist/src/server/stdio.js.map +1 -0
package/dist/src/shared/duckdb.d.ts +16 -0
package/dist/src/shared/duckdb.d.ts.map +1 -0
package/dist/src/shared/duckdb.js +121 -0
package/dist/src/shared/duckdb.js.map +1 -0
package/dist/src/shared/embedding.d.ts +19 -0
package/dist/src/shared/embedding.d.ts.map +1 -0
package/dist/src/shared/embedding.js +85 -0
package/dist/src/shared/embedding.js.map +1 -0
package/dist/src/shared/index.d.ts +3 -0
package/dist/src/shared/index.d.ts.map +1 -0
package/dist/src/shared/index.js +9 -0
package/dist/src/shared/index.js.map +1 -0
package/dist/src/shared/security/config.d.ts +23 -0
package/dist/src/shared/security/config.d.ts.map +1 -0
package/dist/src/shared/security/config.js +66 -0
package/dist/src/shared/security/config.js.map +1 -0
package/dist/src/shared/security/masker.d.ts +10 -0
package/dist/src/shared/security/masker.d.ts.map +1 -0
package/dist/src/shared/security/masker.js +56 -0
package/dist/src/shared/security/masker.js.map +1 -0
package/dist/src/shared/tokenizer.d.ts +2 -0
package/dist/src/shared/tokenizer.d.ts.map +1 -0
package/dist/src/shared/tokenizer.js +5 -0
package/dist/src/shared/tokenizer.js.map +1 -0
package/dist/src/shared/utils/lockfile.d.ts +46 -0
package/dist/src/shared/utils/lockfile.d.ts.map +1 -0
package/dist/src/shared/utils/lockfile.js +136 -0
package/dist/src/shared/utils/lockfile.js.map +1 -0
package/dist/src/shared/utils/simpleYaml.d.ts +6 -0
package/dist/src/shared/utils/simpleYaml.d.ts.map +1 -0
package/dist/src/shared/utils/simpleYaml.js +90 -0
package/dist/src/shared/utils/simpleYaml.js.map +1 -0
package/package.json +91 -0
package/sql/schema.sql +6 -0

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2025 CAPHTECH
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md ADDED Viewed

@@ -0,0 +1,399 @@
+# KIRI
+> Context extraction platform for LLMs - Minimal, relevant code fragments from Git repositories
+[![Version](https://img.shields.io/badge/version-0.2.0-blue.svg)](package.json)
+[![License](https://img.shields.io/badge/license-MIT-green.svg)](LICENSE)
+[![TypeScript](https://img.shields.io/badge/TypeScript-5.6-blue.svg)](https://www.typescriptlang.org/)
+**KIRI** is a context extraction platform that indexes Git repositories into DuckDB and provides MCP (Model Context Protocol) tools for semantic code search. It extracts minimal, relevant code fragments (snippets) based on structure, history, and proximity to minimize LLM token usage.
+## 🎯 Key Features
+- **🔍 Smart Code Search**: Full-text search with multi-word queries, FTS/BM25 ranking, and graceful fallback
+- **📦 Context Bundling**: Extract relevant code fragments based on task goals
+- **🔗 Dependency Analysis**: Bidirectional dependency graphs (outbound and inbound closure)
+- **⚡ Fast Response**: Time to first useful result ≤ 1.0s
+- **🛡️ Degrade-First Architecture**: Works without VSS/FTS extensions via fallback
+- **🔌 MCP Integration**: JSON-RPC 2.0 over stdio/HTTP
+- **👁️ Watch Mode**: Automatic re-indexing on file changes with debouncing
+## 📝 Supported Languages
+KIRI currently supports AST-based symbol extraction for:
+| Language       | Extensions    | Symbol Types                                                                   | Parser                  |
+| -------------- | ------------- | ------------------------------------------------------------------------------ | ----------------------- |
+| **TypeScript** | `.ts`, `.tsx` | `class`, `interface`, `enum`, `function`, `method`                             | TypeScript Compiler API |
+| **Swift**      | `.swift`      | `class`, `struct`, `protocol`, `enum`, `extension`, `func`, `init`, `property` | tree-sitter-swift       |
+Other languages are detected and indexed but use full-file snippets instead of symbol-level extraction. Support for additional languages (Rust, Go, Python, etc.) is planned.
+## 🚀 Quick Start
+### Installation
+#### For End Users (after npm publication)
+```bash
+# Global installation (recommended)
+npm install -g kiri-mcp-server
+# Or use npx (no installation required)
+npx kiri-mcp-server --repo . --db .kiri/index.duckdb
+```
+#### For Development
+```bash
+# Clone and install dependencies
+git clone https://github.com/CAPHTECH/kiri.git
+cd kiri
+pnpm install
+# Build the project
+pnpm run build
+# Link the package globally (makes 'kiri' command available)
+npm link
+```
+### Start MCP Server
+**Note**: Since v0.1.0, the server automatically indexes your repository on first startup if the database doesn't exist. No manual indexing step required!
+#### Stdio Mode (for MCP clients like Codex)
+```bash
+# Start stdio server (auto-indexes if DB doesn't exist)
+kiri-server --repo . --db .kiri/index.duckdb
+# Force re-indexing
+kiri-server --repo . --db .kiri/index.duckdb --reindex
+# Start with watch mode (auto-reindex on file changes)
+kiri-server --repo . --db .kiri/index.duckdb --watch
+# Customize debounce timing (default: 500ms)
+kiri-server --repo . --db .kiri/index.duckdb --watch --debounce 1000
+```
+> インストールなしで試す場合は `npx kiri-mcp-server@latest kiri-server --repo . --db .kiri/index.duckdb` を利用できる。
+#### Manual Indexing (Optional)
+If you prefer to index manually before starting the server:
+```bash
+# Run once to create the database, then exit
+kiri-server --repo . --db .kiri/index.duckdb --reindex
+# Or use the daemon for background indexing
+kiri-daemon --repo . --db .kiri/index.duckdb --watch
+```
+#### HTTP Mode (for testing)
+```bash
+# Start HTTP server on port 8765
+kiri-server --repo . --db .kiri/index.duckdb --port 8765
+# Or specify custom port
+kiri-server --repo . --db .kiri/index.duckdb --port 9000
+# With watch mode enabled
+kiri-server --repo . --db .kiri/index.duckdb --port 8765 --watch --debounce 1000
+```
+## 📋 MCP Tools
+KIRI provides 5 MCP tools for code exploration:
+| Tool                | Description                                                           |
+| ------------------- | --------------------------------------------------------------------- |
+| **context.bundle**  | Extract relevant code context based on task goals                     |
+| **semantic.rerank** | Re-rank candidates by semantic similarity                             |
+| **files.search**    | Full-text search with multi-word queries (FTS/BM25 or ILIKE fallback) |
+| **snippets.get**    | Retrieve code snippets with symbol boundaries                         |
+| **deps.closure**    | Get dependency graph neighborhood (outbound/inbound)                  |
+### Search Query Syntax
+**files.search** supports multi-word queries automatically:
+- `"tools call implementation"` → Finds files containing ANY of these words (OR logic)
+- `"MCP-server-handler"` → Splits on hyphens and searches for each part
+- Single words work as expected: `"DuckDB"` → Exact match
+When DuckDB's FTS extension is available, searches use BM25 ranking for better relevance. Otherwise, the system falls back to pattern matching (ILIKE) with graceful degradation.
+### File Type Boosting
+Control search ranking behavior with the `boost_profile` parameter:
+- **`"default"`** (default): Prioritizes implementation files (src/\*.ts) over documentation
+- **`"docs"`**: Prioritizes documentation files (\*.md) over implementation
+- **`"none"`**: Pure BM25 scoring without file type adjustments
+```javascript
+// Find implementation files (default behavior)
+mcp__kiri__files_search({ query: "filesSearch implementation" });
+// Find documentation
+mcp__kiri__files_search({ query: "setup guide", boost_profile: "docs" });
+// Pure BM25 ranking
+mcp__kiri__files_search({ query: "authentication", boost_profile: "none" });
+```
+## 🔧 Configuration
+### Watch Mode
+Watch mode monitors your repository for file changes and automatically re-indexes when changes are detected:
+- **Debouncing**: Aggregates rapid consecutive changes to minimize reindex operations (default: 500ms)
+- **Denylist Integration**: Respects both `denylist.yml` and `.gitignore` patterns
+- **Lock Management**: Prevents concurrent indexing using lock files
+- **Graceful Shutdown**: Supports `SIGINT`/`SIGTERM` for clean termination
+- **Statistics**: Tracks reindex count, duration, and queue depth
+```bash
+# Enable watch mode with default debounce (500ms)
+kiri-server --repo . --db .kiri/index.duckdb --watch
+# Customize debounce timing for slower hardware or network filesystems
+kiri-server --repo . --db .kiri/index.duckdb --watch --debounce 1000
+# Watch mode works with both stdio and HTTP modes
+kiri-server --repo . --db .kiri/index.duckdb --port 8765 --watch
+```
+**Note**: Watch mode runs in parallel with the MCP server. File changes trigger reindexing in the background without interrupting ongoing queries.
+### MCP Client Integration
+#### Option 1: Global Installation (Recommended for End Users)
+```bash
+npm install -g kiri-mcp-server
+```
+Create `~/.config/codex/mcp.json` or `.claude/mcp.json`:
+```json
+{
+  "mcpServers": {
+    "kiri": {
+      "command": "kiri",
+      "args": [
+        "--repo",
+        "/path/to/your/project",
+        "--db",
+        "/path/to/your/project/.kiri/index.duckdb",
+        "--watch"
+      ]
+    }
+  }
+}
+```
+#### Option 2: npx (No Installation Required)
+```json
+{
+  "mcpServers": {
+    "kiri": {
+      "command": "npx",
+      "args": [
+        "kiri-mcp-server",
+        "--repo",
+        "/path/to/your/project",
+        "--db",
+        "/path/to/your/project/.kiri/index.duckdb"
+      ]
+    }
+  }
+}
+```
+**Note**: `npx` automatically downloads and caches the package on first use. Subsequent starts are faster.
+#### Option 3: Local Development (with npm link)
+After running `npm link` in the KIRI repository:
+```json
+{
+  "mcpServers": {
+    "kiri": {
+      "command": "kiri",
+      "args": [
+        "--repo",
+        "/path/to/your/project",
+        "--db",
+        "/path/to/your/project/.kiri/index.duckdb",
+        "--watch"
+      ]
+    }
+  }
+}
+```
+**Note**: The `kiri` command will use the symlinked version from your local development directory. Changes require rebuilding with `pnpm run build`.
+See [examples/README.md](examples/README.md) for detailed usage examples.
+## 🏗️ Architecture
+```
+┌────────────────────┐     ┌─────────────────────────────┐     ┌────────────────────┐
+│   MCP Client       │<--->│ KIRI MCP Server (JSON-RPC)  │<--->│     DuckDB         │
+│ (Codex CLI, etc.)  │     │ tools: search/bundle/...    │     │  index.duckdb      │
+└────────────────────┘     └─────────────────────────────┘     └────────────────────┘
+                                    ^
+                                    │
+                          ┌─────────┴──────────┐
+                          │     Indexer        │
+                          │  git scan / AST    │
+                          │  embedding (opt)   │
+                          └────────────────────┘
+```
+### Three-Tier Architecture
+1. **Indexer** (`src/indexer/`): Scans Git worktrees, extracts metadata and content, persists to DuckDB
+2. **MCP Server** (`src/server/`): JSON-RPC 2.0 server exposing search and context tools
+3. **Client** (`src/client/`): CLI utilities and integration helpers
+## 📊 Data Model
+KIRI uses a **blob/tree separation** pattern (similar to Git internals):
+- **`blob`**: Stores unique file content by hash (deduplicates renamed/copied files)
+- **`tree`**: Maps `repo_id + commit_hash + path → blob_hash`
+- **`file`**: Convenience view of HEAD state for fast queries
+- **`symbol`**: AST-based function/class/method boundaries
+- **`snippet`**: Line-range chunks aligned to symbol boundaries
+See [docs/data-model.md](docs/data-model.md) for complete schema details.
+## 🧪 Development
+### Run Tests
+```bash
+# Run all tests with coverage (requires ≥80%)
+pnpm run test
+# Run specific test file
+pnpm exec vitest run tests/server/handlers.spec.ts
+# Run tests in watch mode
+pnpm exec vitest
+```
+### Code Quality
+```bash
+# Lint and test
+pnpm run check
+# Fix linting issues
+pnpm exec eslint --fix "src/**/*.ts"
+```
+### Project Structure
+```
+kiri/
+├── src/
+│   ├── indexer/      # Git scanning, language detection, schema management
+│   ├── server/       # MCP server, JSON-RPC handlers, context resolution
+│   ├── shared/       # DuckDB client wrapper, common utilities
+│   └── client/       # CLI and integration utilities
+├── tests/            # Test files (mirrors src/ structure)
+├── docs/             # Architecture documentation
+├── config/           # YAML configuration schemas
+├── sql/              # SQL schema definitions
+├── examples/         # Usage examples and integration guides
+└── var/              # Generated files and databases (gitignored)
+```
+## 📚 Documentation
+- [Overview](docs/overview.md) - Core design and architecture
+- [Data Model](docs/data-model.md) - Database schema details
+- [Indexer](docs/indexer.md) - Indexing logic and patterns
+- [Search & Ranking](docs/search-ranking.md) - Search algorithms
+- [API Reference](docs/api-and-client.md) - API documentation
+- [Codex Setup](docs/codex-setup.md) - Codex integration guide
+- [Examples](examples/README.md) - Usage examples
+## 🎯 Performance Targets
+| Metric              | Target | Description                                 |
+| ------------------- | ------ | ------------------------------------------- |
+| **P@10**            | ≥ 0.7  | Precision at 10 - Top 10 snippets relevance |
+| **TTFU**            | ≤ 1.0s | Time to first useful result                 |
+| **Token Reduction** | ≥ 40%  | Compared to naive copy-paste approach       |
+| **Coverage**        | ≥ 80%  | Statement and line coverage for tests       |
+## 🔐 Security
+- Sensitive paths (`.env*`, `*.pem`, `secrets/**`) are filtered by both `.gitignore` and indexer
+- All responses mask sensitive values with `***`
+- No credentials or secrets are stored in the database
+## 🛠️ Commands Reference
+```bash
+# Build
+pnpm run build                # Compile TypeScript to dist/
+# Development
+pnpm run dev                  # Start HTTP server with hot reload on :8765
+# Testing
+pnpm run test                 # Run all tests with coverage
+pnpm run check                # Lint + test
+# Server modes (installed globally or via npx)
+kiri-server --repo <path> --db <db-path>                     # stdio mode (auto-indexes if needed)
+kiri-server --repo <path> --db <db-path> --port 8765        # HTTP mode (auto-indexes if needed)
+kiri-server --repo <path> --db <db-path> --reindex          # Force re-indexing
+kiri-server --repo <path> --db <db-path> --watch            # Enable watch mode
+kiri-server --repo <path> --db <db-path> --watch --debounce 1000  # Custom debounce timing
+# npx without global install
+npx kiri-mcp-server@latest kiri-server --repo <path> --db <db-path>
+```
+## 🤝 Contributing
+We follow these conventions:
+- **Code Style**: 2-space indentation, `camelCase` for variables, `PascalCase` for types
+- **Commits**: [Conventional Commits](https://www.conventionalcommits.org/) format
+- **Testing**: Maintain ≥80% coverage for new code
+- **Documentation**: Update relevant docs with code changes
+See [AGENTS.md](AGENTS.md) for detailed guidelines.
+## 📄 License
+MIT License - See [LICENSE](LICENSE) for details.
+## 🙏 Acknowledgments
+Built with:
+- [DuckDB](https://duckdb.org/) - Embedded analytical database
+- [tree-sitter](https://tree-sitter.github.io/) - Parser generator for AST extraction
+- [MCP](https://modelcontextprotocol.io/) - Model Context Protocol
+---
+**Status**: v0.2.0 (Alpha) - Active development
+For questions or issues, please open a [GitHub issue](https://github.com/CAPHTECH/kiri/issues).

package/config/default.example.yml ADDED Viewed

@@ -0,0 +1,12 @@
+mcp:
+  port: 8765
+  host: 127.0.0.1
+  tools:
+    - context.bundle
+    - files.search
+indexer:
+  repoRoot: "../../target-repo"
+  database: "var/index.duckdb"
+  exclude:
+    - "**/node_modules/**"
+    - "**/dist/**"

package/config/denylist.yml ADDED Viewed

@@ -0,0 +1,15 @@
+# Paths that must never be indexed or surfaced
+patterns:
+  - secrets/**
+  - "*.pem"
+  - .env*
+  # Binary and archive files
+  - "*.zip"
+  - "*.tar"
+  - "*.tar.gz"
+  - "*.tgz"
+  - "*.rar"
+  - "*.7z"
+  - "*.jar"
+  - "*.war"
+  - "*.ear"

package/config/scoring-profiles.yml ADDED Viewed

@@ -0,0 +1,37 @@
+# Scoring weight profiles for context.bundle
+# Each profile defines weights for different ranking signals
+default:
+  textMatch: 1.0 # Text/keyword match weight
+  editingPath: 2.0 # Currently editing file weight
+  dependency: 0.5 # Dependency relationship weight
+  proximity: 0.25 # Same directory weight
+  structural: 0.75 # Structural similarity weight (LSH-based, not semantic embeddings)
+bugfix:
+  textMatch: 1.0
+  editingPath: 1.8
+  dependency: 0.7 # Higher: bugs often in dependencies
+  proximity: 0.35
+  structural: 0.9 # Higher: structural understanding helps
+testfail:
+  textMatch: 1.0
+  editingPath: 1.6
+  dependency: 0.85 # Very high: failed tests reveal dependencies
+  proximity: 0.3
+  structural: 0.8
+typeerror:
+  textMatch: 1.0
+  editingPath: 1.4
+  dependency: 0.6
+  proximity: 0.4 # Higher: type errors cluster in modules
+  structural: 0.6 # Lower: type errors are structural
+feature:
+  textMatch: 1.0
+  editingPath: 1.5
+  dependency: 0.45 # Lower: new features less dependent
+  proximity: 0.5 # Higher: features cluster spatially
+  structural: 0.7

package/config/security.yml ADDED Viewed

@@ -0,0 +1,10 @@
+# Security baseline for KIRI MCP deployment
+allowed_paths:
+  - ./
+  - ../shared
+allow_network_egress: false
+allow_subprocess: false
+sensitive_tokens:
+  - "sk-"
+  - "ghp_"
+  - "-----BEGIN"

package/dist/client/cli.js ADDED Viewed

@@ -0,0 +1,68 @@
+#!/usr/bin/env node
+import process from "node:process";
+import { bootstrapServer } from "../server/bootstrap.js";
+import { evaluateSecurityStatus, updateSecurityLock } from "../shared/security/config.js";
+function printUsage() {
+    console.info(`Usage: pnpm exec tsx src/client/cli.ts <command> [options]\n`);
+    console.info(`Commands:`);
+    console.info(`  security verify [--write-lock]    Verify security baseline matches lock file`);
+}
+function formatStatus() {
+    const status = evaluateSecurityStatus();
+    const lockInfo = status.lockHash ? `hash=${status.lockHash}` : "missing";
+    const matchState = status.matches ? "MATCH" : "MISMATCH";
+    return [
+        `config: ${status.configPath}`,
+        `lock: ${status.lockPath} (${lockInfo})`,
+        `state: ${matchState}`,
+    ].join("\n");
+}
+function handleSecurityVerify(argv) {
+    const writeLock = argv.includes("--write-lock");
+    const status = evaluateSecurityStatus();
+    if (!status.lockHash && writeLock) {
+        updateSecurityLock(status.hash);
+        console.info("Security lock created.");
+        const refreshed = evaluateSecurityStatus();
+        console.info([
+            `config: ${refreshed.configPath}`,
+            `lock: ${refreshed.lockPath} (hash=${refreshed.lockHash})`,
+            "state: MATCH",
+        ].join("\n"));
+        return 0;
+    }
+    try {
+        bootstrapServer({ allowWriteLock: writeLock });
+        console.info("Security baseline verified.");
+        console.info(formatStatus());
+        return 0;
+    }
+    catch (error) {
+        console.error(error instanceof Error ? error.message : String(error));
+        console.info(formatStatus());
+        return 1;
+    }
+}
+export function main(argv = process.argv.slice(2)) {
+    const [command, ...rest] = argv;
+    switch (command) {
+        case "security": {
+            const [subcommand, ...subArgs] = rest;
+            if (subcommand === "verify") {
+                return handleSecurityVerify(subArgs);
+            }
+            break;
+        }
+        case undefined:
+            printUsage();
+            return 1;
+        default:
+            break;
+    }
+    printUsage();
+    return 1;
+}
+if (process.argv[1] && new URL(import.meta.url).pathname === process.argv[1]) {
+    process.exitCode = main();
+}
+//# sourceMappingURL=cli.js.map

package/dist/client/cli.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/client/cli.ts"],"names":[],"mappings":";AACA,OAAO,OAAO,MAAM,cAAc,CAAC;AAEnC,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,sBAAsB,EAAE,kBAAkB,EAAE,MAAM,8BAA8B,CAAC;AAE1F,SAAS,UAAU;IACjB,OAAO,CAAC,IAAI,CAAC,8DAA8D,CAAC,CAAC;IAC7E,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAC1B,OAAO,CAAC,IAAI,CAAC,gFAAgF,CAAC,CAAC;AACjG,CAAC;AAED,SAAS,YAAY;IACnB,MAAM,MAAM,GAAG,sBAAsB,EAAE,CAAC;IACxC,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;IACzE,MAAM,UAAU,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC;IACzD,OAAO;QACL,WAAW,MAAM,CAAC,UAAU,EAAE;QAC9B,SAAS,MAAM,CAAC,QAAQ,KAAK,QAAQ,GAAG;QACxC,UAAU,UAAU,EAAE;KACvB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED,SAAS,oBAAoB,CAAC,IAAc;IAC1C,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,sBAAsB,EAAE,CAAC;IACxC,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,SAAS,EAAE,CAAC;QAClC,kBAAkB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChC,OAAO,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;QACvC,MAAM,SAAS,GAAG,sBAAsB,EAAE,CAAC;QAC3C,OAAO,CAAC,IAAI,CACV;YACE,WAAW,SAAS,CAAC,UAAU,EAAE;YACjC,SAAS,SAAS,CAAC,QAAQ,UAAU,SAAS,CAAC,QAAQ,GAAG;YAC1D,cAAc;SACf,CAAC,IAAI,CAAC,IAAI,CAAC,CACb,CAAC;QACF,OAAO,CAAC,CAAC;IACX,CAAC;IACD,IAAI,CAAC;QACH,eAAe,CAAC,EAAE,cAAc,EAAE,SAAS,EAAE,CAAC,CAAC;QAC/C,OAAO,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAC5C,OAAO,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;QAC7B,OAAO,CAAC,CAAC;IACX,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QACtE,OAAO,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;QAC7B,OAAO,CAAC,CAAC;IACX,CAAC;AACH,CAAC;AAED,MAAM,UAAU,IAAI,CAAC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;IAC/C,MAAM,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC;IAChC,QAAQ,OAAO,EAAE,CAAC;QAChB,KAAK,UAAU,CAAC,CAAC,CAAC;YAChB,MAAM,CAAC,UAAU,EAAE,GAAG,OAAO,CAAC,GAAG,IAAI,CAAC;YACtC,IAAI,UAAU,KAAK,QAAQ,EAAE,CAAC;gBAC5B,OAAO,oBAAoB,CAAC,OAAO,CAAC,CAAC;YACvC,CAAC;YACD,MAAM;QACR,CAAC;QACD,KAAK,SAAS;YACZ,UAAU,EAAE,CAAC;YACb,OAAO,CAAC,CAAC;QACX;YACE,MAAM;IACV,CAAC;IACD,UAAU,EAAE,CAAC;IACb,OAAO,CAAC,CAAC;AACX,CAAC;AAED,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;IAC7E,OAAO,CAAC,QAAQ,GAAG,IAAI,EAAE,CAAC;AAC5B,CAAC"}

package/dist/client/index.js ADDED Viewed

@@ -0,0 +1,5 @@
+export function buildContextBundleRequest(snippets) {
+    // TODO: align with MCP client schema
+    return JSON.stringify({ snippets }, null, 2);
+}
+//# sourceMappingURL=index.js.map

package/dist/client/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/client/index.ts"],"names":[],"mappings":"AAAA,MAAM,UAAU,yBAAyB,CACvC,QAAkD;IAElD,qCAAqC;IACrC,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AAC/C,CAAC"}

package/dist/config/default.example.yml ADDED Viewed

@@ -0,0 +1,12 @@
+mcp:
+  port: 8765
+  host: 127.0.0.1
+  tools:
+    - context.bundle
+    - files.search
+indexer:
+  repoRoot: "../../target-repo"
+  database: "var/index.duckdb"
+  exclude:
+    - "**/node_modules/**"
+    - "**/dist/**"

package/dist/config/denylist.yml ADDED Viewed

@@ -0,0 +1,15 @@
+# Paths that must never be indexed or surfaced
+patterns:
+  - secrets/**
+  - "*.pem"
+  - .env*
+  # Binary and archive files
+  - "*.zip"
+  - "*.tar"
+  - "*.tar.gz"
+  - "*.tgz"
+  - "*.rar"
+  - "*.7z"
+  - "*.jar"
+  - "*.war"
+  - "*.ear"

package/dist/config/scoring-profiles.yml ADDED Viewed

@@ -0,0 +1,37 @@
+# Scoring weight profiles for context.bundle
+# Each profile defines weights for different ranking signals
+default:
+  textMatch: 1.0 # Text/keyword match weight
+  editingPath: 2.0 # Currently editing file weight
+  dependency: 0.5 # Dependency relationship weight
+  proximity: 0.25 # Same directory weight
+  structural: 0.75 # Structural similarity weight (LSH-based, not semantic embeddings)
+bugfix:
+  textMatch: 1.0
+  editingPath: 1.8
+  dependency: 0.7 # Higher: bugs often in dependencies
+  proximity: 0.35
+  structural: 0.9 # Higher: structural understanding helps
+testfail:
+  textMatch: 1.0
+  editingPath: 1.6
+  dependency: 0.85 # Very high: failed tests reveal dependencies
+  proximity: 0.3
+  structural: 0.8
+typeerror:
+  textMatch: 1.0
+  editingPath: 1.4
+  dependency: 0.6
+  proximity: 0.4 # Higher: type errors cluster in modules
+  structural: 0.6 # Lower: type errors are structural
+feature:
+  textMatch: 1.0
+  editingPath: 1.5
+  dependency: 0.45 # Lower: new features less dependent
+  proximity: 0.5 # Higher: features cluster spatially
+  structural: 0.7

package/dist/config/security.yml ADDED Viewed

@@ -0,0 +1,10 @@
+# Security baseline for KIRI MCP deployment
+allowed_paths:
+  - ./
+  - ../shared
+allow_network_egress: false
+allow_subprocess: false
+sensitive_tokens:
+  - "sk-"
+  - "ghp_"
+  - "-----BEGIN"