npm - mcp-dataverse - Versions diffs - 0.1.0 - Mend

mcp-dataverse 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (151) hide show

package/.env.example +15 -0
package/CAPABILITIES.md +992 -0
package/LICENSE +21 -0
package/README.md +277 -0
package/config.example.json +11 -0
package/dist/auth/auth-provider.factory.d.ts +4 -0
package/dist/auth/auth-provider.factory.d.ts.map +1 -0
package/dist/auth/auth-provider.factory.js +15 -0
package/dist/auth/auth-provider.factory.js.map +1 -0
package/dist/auth/auth-provider.interface.d.ts +21 -0
package/dist/auth/auth-provider.interface.d.ts.map +1 -0
package/dist/auth/auth-provider.interface.js +2 -0
package/dist/auth/auth-provider.interface.js.map +1 -0
package/dist/auth/msal-auth-provider.d.ts +14 -0
package/dist/auth/msal-auth-provider.d.ts.map +1 -0
package/dist/auth/msal-auth-provider.js +62 -0
package/dist/auth/msal-auth-provider.js.map +1 -0
package/dist/auth/pac-auth-provider.d.ts +19 -0
package/dist/auth/pac-auth-provider.d.ts.map +1 -0
package/dist/auth/pac-auth-provider.js +153 -0
package/dist/auth/pac-auth-provider.js.map +1 -0
package/dist/config/config.loader.d.ts +3 -0
package/dist/config/config.loader.d.ts.map +1 -0
package/dist/config/config.loader.js +52 -0
package/dist/config/config.loader.js.map +1 -0
package/dist/config/config.schema.d.ts +34 -0
package/dist/config/config.schema.d.ts.map +1 -0
package/dist/config/config.schema.js +25 -0
package/dist/config/config.schema.js.map +1 -0
package/dist/dataverse/dataverse-client-advanced.d.ts +47 -0
package/dist/dataverse/dataverse-client-advanced.d.ts.map +1 -0
package/dist/dataverse/dataverse-client-advanced.js +147 -0
package/dist/dataverse/dataverse-client-advanced.js.map +1 -0
package/dist/dataverse/dataverse-client.d.ts +49 -0
package/dist/dataverse/dataverse-client.d.ts.map +1 -0
package/dist/dataverse/dataverse-client.js +313 -0
package/dist/dataverse/dataverse-client.js.map +1 -0
package/dist/dataverse/dataverse-client.metadata.d.ts +40 -0
package/dist/dataverse/dataverse-client.metadata.d.ts.map +1 -0
package/dist/dataverse/dataverse-client.metadata.js +121 -0
package/dist/dataverse/dataverse-client.metadata.js.map +1 -0
package/dist/dataverse/dataverse-client.utils.d.ts +14 -0
package/dist/dataverse/dataverse-client.utils.d.ts.map +1 -0
package/dist/dataverse/dataverse-client.utils.js +65 -0
package/dist/dataverse/dataverse-client.utils.js.map +1 -0
package/dist/dataverse/http-client.d.ts +36 -0
package/dist/dataverse/http-client.d.ts.map +1 -0
package/dist/dataverse/http-client.js +103 -0
package/dist/dataverse/http-client.js.map +1 -0
package/dist/dataverse/types.d.ts +68 -0
package/dist/dataverse/types.d.ts.map +1 -0
package/dist/dataverse/types.js +2 -0
package/dist/dataverse/types.js.map +1 -0
package/dist/server.d.ts +3 -0
package/dist/server.d.ts.map +1 -0
package/dist/server.js +165 -0
package/dist/server.js.map +1 -0
package/dist/setup-auth.d.ts +2 -0
package/dist/setup-auth.d.ts.map +1 -0
package/dist/setup-auth.js +29 -0
package/dist/setup-auth.js.map +1 -0
package/dist/tools/actions.tools.d.ts +170 -0
package/dist/tools/actions.tools.d.ts.map +1 -0
package/dist/tools/actions.tools.js +179 -0
package/dist/tools/actions.tools.js.map +1 -0
package/dist/tools/annotations.tools.d.ts +82 -0
package/dist/tools/annotations.tools.d.ts.map +1 -0
package/dist/tools/annotations.tools.js +180 -0
package/dist/tools/annotations.tools.js.map +1 -0
package/dist/tools/audit.tools.d.ts +45 -0
package/dist/tools/audit.tools.d.ts.map +1 -0
package/dist/tools/audit.tools.js +163 -0
package/dist/tools/audit.tools.js.map +1 -0
package/dist/tools/auth.tools.d.ts +17 -0
package/dist/tools/auth.tools.d.ts.map +1 -0
package/dist/tools/auth.tools.js +30 -0
package/dist/tools/auth.tools.js.map +1 -0
package/dist/tools/batch.tools.d.ts +45 -0
package/dist/tools/batch.tools.d.ts.map +1 -0
package/dist/tools/batch.tools.js +71 -0
package/dist/tools/batch.tools.js.map +1 -0
package/dist/tools/crud.tools.d.ts +206 -0
package/dist/tools/crud.tools.d.ts.map +1 -0
package/dist/tools/crud.tools.js +213 -0
package/dist/tools/crud.tools.js.map +1 -0
package/dist/tools/customization.tools.d.ts +75 -0
package/dist/tools/customization.tools.d.ts.map +1 -0
package/dist/tools/customization.tools.js +187 -0
package/dist/tools/customization.tools.js.map +1 -0
package/dist/tools/environment.tools.d.ts +40 -0
package/dist/tools/environment.tools.d.ts.map +1 -0
package/dist/tools/environment.tools.js +145 -0
package/dist/tools/environment.tools.js.map +1 -0
package/dist/tools/file.tools.d.ts +61 -0
package/dist/tools/file.tools.d.ts.map +1 -0
package/dist/tools/file.tools.js +142 -0
package/dist/tools/file.tools.js.map +1 -0
package/dist/tools/impersonate.tools.d.ts +37 -0
package/dist/tools/impersonate.tools.d.ts.map +1 -0
package/dist/tools/impersonate.tools.js +85 -0
package/dist/tools/impersonate.tools.js.map +1 -0
package/dist/tools/metadata.tools.d.ts +156 -0
package/dist/tools/metadata.tools.d.ts.map +1 -0
package/dist/tools/metadata.tools.js +200 -0
package/dist/tools/metadata.tools.js.map +1 -0
package/dist/tools/org.tools.d.ts +26 -0
package/dist/tools/org.tools.d.ts.map +1 -0
package/dist/tools/org.tools.js +57 -0
package/dist/tools/org.tools.js.map +1 -0
package/dist/tools/quality.tools.d.ts +30 -0
package/dist/tools/quality.tools.d.ts.map +1 -0
package/dist/tools/quality.tools.js +69 -0
package/dist/tools/quality.tools.js.map +1 -0
package/dist/tools/query.tools.d.ts +120 -0
package/dist/tools/query.tools.d.ts.map +1 -0
package/dist/tools/query.tools.js +182 -0
package/dist/tools/query.tools.js.map +1 -0
package/dist/tools/relations.tools.d.ts +65 -0
package/dist/tools/relations.tools.d.ts.map +1 -0
package/dist/tools/relations.tools.js +64 -0
package/dist/tools/relations.tools.js.map +1 -0
package/dist/tools/search.tools.d.ts +68 -0
package/dist/tools/search.tools.d.ts.map +1 -0
package/dist/tools/search.tools.js +134 -0
package/dist/tools/search.tools.js.map +1 -0
package/dist/tools/solution.tools.d.ts +95 -0
package/dist/tools/solution.tools.d.ts.map +1 -0
package/dist/tools/solution.tools.js +130 -0
package/dist/tools/solution.tools.js.map +1 -0
package/dist/tools/teams.tools.d.ts +27 -0
package/dist/tools/teams.tools.d.ts.map +1 -0
package/dist/tools/teams.tools.js +67 -0
package/dist/tools/teams.tools.js.map +1 -0
package/dist/tools/trace.tools.d.ts +63 -0
package/dist/tools/trace.tools.d.ts.map +1 -0
package/dist/tools/trace.tools.js +218 -0
package/dist/tools/trace.tools.js.map +1 -0
package/dist/tools/tracking.tools.d.ts +35 -0
package/dist/tools/tracking.tools.d.ts.map +1 -0
package/dist/tools/tracking.tools.js +40 -0
package/dist/tools/tracking.tools.js.map +1 -0
package/dist/tools/users.tools.d.ts +57 -0
package/dist/tools/users.tools.d.ts.map +1 -0
package/dist/tools/users.tools.js +146 -0
package/dist/tools/users.tools.js.map +1 -0
package/dist/tools/views.tools.d.ts +30 -0
package/dist/tools/views.tools.d.ts.map +1 -0
package/dist/tools/views.tools.js +84 -0
package/dist/tools/views.tools.js.map +1 -0
package/package.json +81 -0
package/server.json +30 -0

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2026 MCP Dataverse Contributors
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md ADDED Viewed

@@ -0,0 +1,277 @@
+# MCP Dataverse Server
+![MCP Dataverse Logo](assets/logo.webp)
+![Node 20+](https://img.shields.io/badge/Node.js-20%2B-green) ![TypeScript](https://img.shields.io/badge/TypeScript-5.4-blue) ![MCP](https://img.shields.io/badge/MCP-1.0-purple) ![npm](https://img.shields.io/npm/v/mcp-dataverse) ![License: MIT](https://img.shields.io/badge/License-MIT-yellow)
+MCP server that exposes the Microsoft Dataverse Web API as **39 AI-callable tools** — enabling GitHub Copilot, Claude, and other MCP clients to query, create, and manage Dataverse records without hallucinating schema.
+## Install
+### One-click (VS Code)
+[Install in VS Code](https://insiders.vscode.dev/redirect?url=vscode-insiders%3Amcp%2Finstall%3F%257B%2522name%2522%253A%2522mcp-dataverse%2522%252C%2522command%2522%253A%2522npx%2522%252C%2522args%2522%253A%255B%2522-y%2522%252C%2522mcp-dataverse%2522%255D%257D)
+### Manual (npx)
+Add to your `.vscode/mcp.json` (or user settings):
+```json
+{
+  "servers": {
+    "dataverse": {
+      "type": "stdio",
+      "command": "npx",
+      "args": ["-y", "mcp-dataverse"]
+    }
+  }
+}
+```
+## Prerequisites
+- Node.js 20+
+- PAC CLI installed & authenticated → [aka.ms/PowerAppsCLI](https://aka.ms/PowerAppsCLI)
+- VS Code + GitHub Copilot (Agent mode)
+## Quick Start (< 5 min)
+### 1. Clone & install
+```bash
+git clone <repo-url> mcp-dataverse && cd mcp-dataverse
+npm install
+```
+### 2. Configure
+```bash
+cp config.example.json config.json
+```
+Edit `config.json`:
+| Field | Description |
+|-------|-------------|
+| `environmentUrl` | Your org URL, e.g. `https://yourorg.crm.dynamics.com` |
+| `authMode` | `"pac"` (recommended) or `"msal"` |
+| `pacProfileName` | PAC CLI profile name (default: `"default"`) |
+| `requestTimeoutMs` | HTTP timeout in ms (default: `30000`) |
+| `maxRetries` | Retry count on transient errors (default: `3`) |
+### 3. Authenticate
+```bash
+npm run auth:setup
+```
+Runs device code authentication. Follow the URL printed to the terminal — sign in with your Power Platform account. Token is cached in `.msal-cache.json` for silent reuse.
+> Only required for `authMode: "pac"`. Skip if PAC CLI (`pac auth create`) is already authenticated.
+### 4. Build
+```bash
+npm run build
+```
+### 5. Verify the connection
+```bash
+npx tsx tests/live/test-whoami.ts
+```
+Expected output:
+```
+WhoAmI result: { UserId: 'xxxxxxxx-...', BusinessUnitId: 'xxxxxxxx-...', OrganizationId: 'xxxxxxxx-...' }
+```
+### 6. Configure VS Code
+`.vscode/mcp.json` is already present in this repo. If you need to add it manually:
+```json
+{
+  "servers": {
+    "dataverse": {
+      "type": "stdio",
+      "command": "node",
+      "args": ["${workspaceFolder}/dist/server.js"],
+      "env": {}
+    }
+  }
+}
+```
+1. Restart VS Code
+2. Open GitHub Copilot chat → switch to **Agent mode** (⚡)
+3. Test: _"List the Dataverse tables in my environment"_
+---
+## Tools (48)
+| Tool | Category | Description |
+|------|----------|-------------|
+| `dataverse_whoami` | Auth | Verify connection; returns UserId, BusinessUnitId, OrgId |
+| `dataverse_list_tables` | Metadata | List all tables (`customOnly` filter available) |
+| `dataverse_get_table_metadata` | Metadata | Full schema: columns, types, logical names |
+| `dataverse_get_relationships` | Metadata | All 1:N, N:1, N:N relationships for a table; filter by `relationshipType` |
+| `dataverse_list_global_option_sets` | Metadata | All global option sets in the environment |
+| `dataverse_get_option_set` | Metadata | Options and values for a specific option set |
+| `dataverse_get_entity_key` | Metadata | Alternate key definitions for a table (fields, index status, customizable flag) |
+| `dataverse_query` | Query | OData query with `$select`, `$filter`, `$orderby`, `$expand`, `$count` |
+| `dataverse_execute_fetchxml` | Query | Raw FetchXML for aggregations and complex joins |
+| `dataverse_retrieve_multiple_with_paging` | Query | Paginated query following `@odata.nextLink`, with configurable `maxTotal` cap |
+| `dataverse_get` | CRUD | Retrieve a single record by GUID |
+| `dataverse_create` | CRUD | Create a record; returns the new GUID |
+| `dataverse_update` | CRUD | Patch a record — only specified fields are changed |
+| `dataverse_delete` | CRUD | Delete a record (requires explicit confirm) |
+| `dataverse_upsert` | CRUD | Create-or-update via alternate key |
+| `dataverse_associate` | Relations | Associate two records via a named relationship |
+| `dataverse_disassociate` | Relations | Remove an association between two records |
+| `dataverse_execute_action` | Actions | Execute a global (unbound) Dataverse action |
+| `dataverse_execute_function` | Actions | Execute a global read-only function (e.g. `WhoAmI`) |
+| `dataverse_execute_bound_action` | Actions | Execute an action bound to a specific record |
+| `dataverse_execute_bound_function` | Actions | Execute an OData bound function on a specific record |
+| `dataverse_retrieve_dependencies_for_delete` | Actions | Check what components block deletion of a Dataverse component |
+| `dataverse_list_dependencies` | Actions | List component dependencies before modifying or deleting |
+| `dataverse_batch_execute` | Batch | Up to 1000 operations in a single HTTP batch request; optional atomic changeset |
+| `dataverse_change_detection` | Tracking | Delta tracking using change tokens to detect record changes since last sync |
+| `dataverse_solution_components` | Solution | List all components in a named solution; filter by component type code |
+| `dataverse_publish_customizations` | Solution | Publish pending customizations (all or targeted entities/web resources/option sets) |
+| `dataverse_impersonate` | Impersonation | Execute any tool on behalf of another Dataverse user via `MSCRMCallerId` |
+| `dataverse_list_custom_actions` | Customization | Lists custom actions (custom API / SDK messages) in the environment |
+| `dataverse_list_plugin_steps` | Customization | Lists plugin step registrations with stage, mode, entity, and state |
+| `dataverse_get_environment_variable` | Environment | Retrieve an environment variable definition and current value |
+| `dataverse_set_environment_variable` | Environment | Set or update an environment variable value |
+| `dataverse_get_plugin_trace_logs` | Trace | Retrieve plugin execution trace logs for debugging |
+| `dataverse_get_workflow_trace_logs` | Trace | Retrieve async workflow/system job execution logs |
+| `dataverse_search` | Search | Full-text Relevance Search across all configured tables |
+| `dataverse_get_audit_log` | Audit | Retrieve audit trail for a record showing change history |
+| `dataverse_detect_duplicates` | Quality | Check for potential duplicates before creating a record |
+| `dataverse_get_annotations` | Annotations | Retrieve notes and file attachments linked to a record |
+| `dataverse_list_users` | Users | Search system users by name or email with BU filtering |
+| `dataverse_get_user_roles` | Users | Security roles assigned to a system user |
+| `dataverse_create_annotation` | Annotations | Create a note or file attachment linked to a record |
+| `dataverse_get_attribute_option_set` | Metadata | Local/entity-specific option set values (statecode, statuscode, picklist) |
+| `dataverse_list_solutions` | Solution | List all solutions in the environment |
+| `dataverse_set_workflow_state` | Customization | Enable or disable a workflow or process |
+| `dataverse_list_views` | Views | List system and personal saved views for a table |
+| `dataverse_upload_file_column` | Files | Upload binary content to a file/image column on a record |
+| `dataverse_download_file_column` | Files | Download binary content from a file/image column on a record |
+| `dataverse_list_business_units` | Org | List business units in the environment (org hierarchy) |
+---
+## Advanced Configuration (MSAL)
+For service-principal auth (CI/CD, unattended), set `authMode: "msal"` in `config.json`:
+```json
+{
+  "environmentUrl": "https://yourorg.crm.dynamics.com",
+  "authMode": "msal",
+  "tenantId": "<azure-ad-tenant-id>",
+  "clientId": "<app-registration-client-id>",
+  "clientSecret": "<client-secret>"
+}
+```
+> The app registration must have the **Dynamics CRM → user_impersonation** API permission and the corresponding Dataverse security role.
+---
+## Scripts
+| Command | Description |
+|---------|-------------|
+| `npm run build` | Compile TypeScript → `dist/` |
+| `npm run dev` | Watch mode — no build step needed |
+| `npm start` | Start the compiled server |
+| `npm run auth:setup` | One-time device code authentication |
+| `npm run typecheck` | Type-check without emitting output |
+| `npm run lint` | ESLint on `src/` |
+| `npm run test:unit` | Unit tests only |
+| `npm run test:integration` | Integration tests |
+| `npm test` | All tests |
+---
+## Architecture
+TypeScript MCP server over **stdio** transport. An `AuthProvider` (PAC CLI or MSAL) injects Bearer tokens into a native-`fetch`-based `HttpClient` wrapped by `DataverseClient`. Each tool module registers handlers with the MCP `Server` instance.
+```
+GitHub Copilot → stdio → MCP Server → Tool Router → DataverseClient → Dataverse Web API v9.2
+                                                           └── AuthProvider (PAC CLI | MSAL)
+```
+---
+## Security
+- **Never commit `config.json`** or `.msal-cache.json` — both are in `.gitignore`
+- Tokens are never logged; only diagnostic messages are written to stderr
+- PAC CLI tokens are scoped to the authenticated user — no privilege escalation
+- Service principal (`msal`) should be assigned the least-privilege Dataverse security role
+---
+## Docker
+The server ships as a single-process stdio MCP server — no HTTP port is exposed.
+**MSAL client credentials** is the recommended auth mode for containers; `PAC_CLI` mode requires an interactive device-code flow and is not suitable for container environments.
+### Build the image
+```bash
+docker build -t mcp-dataverse .
+```
+### Run with MSAL client credentials
+```bash
+docker run --rm -i \
+  -e ENVIRONMENT_URL=https://yourorg.crm.dynamics.com \
+  -e CLIENT_ID=your-client-id \
+  -e CLIENT_SECRET=your-client-secret \
+  -e TENANT_ID=your-tenant-id \
+  mcp-dataverse
+```
+> The app registration must have the **Dynamics CRM → user_impersonation** API permission and a Dataverse security role assigned.
+### Claude Desktop config (Docker)
+Add the following to your Claude Desktop `claude_desktop_config.json`:
+```json
+{
+  "mcpServers": {
+    "dataverse": {
+      "command": "docker",
+      "args": [
+        "run", "--rm", "-i",
+        "-e", "ENVIRONMENT_URL=https://yourorg.crm.dynamics.com",
+        "-e", "CLIENT_ID=your-client-id",
+        "-e", "CLIENT_SECRET=your-client-secret",
+        "-e", "TENANT_ID=your-tenant-id",
+        "mcp-dataverse"
+      ]
+    }
+  }
+}
+```
+---
+## Troubleshooting
+| Symptom | Fix |
+|---------|-----|
+| `No MSAL accounts found` | Run `npm run auth:setup` to re-authenticate |
+| `"https://" is required` | Check `environmentUrl` in `config.json` — must start with `https://` |
+| `pac: command not found` | Install PAC CLI and run `pac auth create --environment <url>` |
+| Server not appearing in Copilot Agent mode | Restart VS Code; check **Output → MCP** panel for errors |

package/config.example.json ADDED Viewed

@@ -0,0 +1,11 @@
+{
+  "environmentUrl": "https://yourorg.crm.dynamics.com",
+  "authMode": "pac",
+  "pacProfileName": "default",
+  "tenantId": "",
+  "clientId": "",
+  "clientSecret": "",
+  "redirectUri": "http://localhost:3000/auth/callback",
+  "requestTimeoutMs": 30000,
+  "maxRetries": 3
+}

package/dist/auth/auth-provider.factory.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+import type { AuthProvider } from './auth-provider.interface.js';
+import type { Config } from '../config/config.schema.js';
+export declare function createAuthProvider(config: Config): AuthProvider;
+//# sourceMappingURL=auth-provider.factory.d.ts.map

package/dist/auth/auth-provider.factory.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"auth-provider.factory.d.ts","sourceRoot":"","sources":["../../src/auth/auth-provider.factory.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAGjE,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,4BAA4B,CAAC;AAEzD,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,YAAY,CAW/D"}

package/dist/auth/auth-provider.factory.js ADDED Viewed

@@ -0,0 +1,15 @@
+import { PacAuthProvider } from './pac-auth-provider.js';
+import { MsalAuthProvider } from './msal-auth-provider.js';
+export function createAuthProvider(config) {
+    switch (config.authMode) {
+        case 'pac':
+            return new PacAuthProvider(config.environmentUrl);
+        case 'msal':
+            return new MsalAuthProvider(config);
+        default: {
+            const _exhaustive = config.authMode;
+            throw new Error(`Unknown auth mode: ${_exhaustive}`);
+        }
+    }
+}
+//# sourceMappingURL=auth-provider.factory.js.map

package/dist/auth/auth-provider.factory.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth-provider.factory.js","sourceRoot":"","sources":["../../src/auth/auth-provider.factory.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAG3D,MAAM,UAAU,kBAAkB,CAAC,MAAc;IAC/C,QAAQ,MAAM,CAAC,QAAQ,EAAE,CAAC;QACxB,KAAK,KAAK;YACR,OAAO,IAAI,eAAe,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;QACpD,KAAK,MAAM;YACT,OAAO,IAAI,gBAAgB,CAAC,MAAM,CAAC,CAAC;QACtC,OAAO,CAAC,CAAC,CAAC;YACR,MAAM,WAAW,GAAU,MAAM,CAAC,QAAQ,CAAC;YAC3C,MAAM,IAAI,KAAK,CAAC,sBAAsB,WAAW,EAAE,CAAC,CAAC;QACvD,CAAC;IACH,CAAC;AACH,CAAC"}

package/dist/auth/auth-provider.interface.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+export interface AuthProvider {
+    /**
+     * Returns a valid Bearer token for the Dataverse environment.
+     * Implementations must handle token refresh silently.
+     */
+    getToken(): Promise<string>;
+    /**
+     * Invalidates any cached token, forcing a fresh acquisition on the next getToken() call.
+     * Must be called before retrying a request that received a 401 response.
+     */
+    invalidateToken(): void;
+    /**
+     * Returns true if the current auth session is valid.
+     */
+    isAuthenticated(): Promise<boolean>;
+    /**
+     * The Dataverse environment URL this provider authenticates against.
+     */
+    readonly environmentUrl: string;
+}
+//# sourceMappingURL=auth-provider.interface.d.ts.map

package/dist/auth/auth-provider.interface.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"auth-provider.interface.d.ts","sourceRoot":"","sources":["../../src/auth/auth-provider.interface.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,YAAY;IAC3B;;;OAGG;IACH,QAAQ,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;IAE5B;;;OAGG;IACH,eAAe,IAAI,IAAI,CAAC;IAExB;;OAEG;IACH,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC;IAEpC;;OAEG;IACH,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;CACjC"}

package/dist/auth/auth-provider.interface.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=auth-provider.interface.js.map

package/dist/auth/auth-provider.interface.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"auth-provider.interface.js","sourceRoot":"","sources":["../../src/auth/auth-provider.interface.ts"],"names":[],"mappings":""}

package/dist/auth/msal-auth-provider.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+import type { AuthProvider } from './auth-provider.interface.js';
+import type { Config } from '../config/config.schema.js';
+export declare class MsalAuthProvider implements AuthProvider {
+    readonly environmentUrl: string;
+    private readonly msalApp;
+    private readonly scope;
+    private cachedToken;
+    private tokenExpiresAt;
+    constructor(config: Config);
+    getToken(): Promise<string>;
+    invalidateToken(): void;
+    isAuthenticated(): Promise<boolean>;
+}
+//# sourceMappingURL=msal-auth-provider.d.ts.map

package/dist/auth/msal-auth-provider.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"msal-auth-provider.d.ts","sourceRoot":"","sources":["../../src/auth/msal-auth-provider.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,4BAA4B,CAAC;AAEzD,qBAAa,gBAAiB,YAAW,YAAY;IACnD,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAgC;IACxD,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAS;IAC/B,OAAO,CAAC,WAAW,CAAuB;IAC1C,OAAO,CAAC,cAAc,CAAqB;gBAE/B,MAAM,EAAE,MAAM;IA0BpB,QAAQ,IAAI,OAAO,CAAC,MAAM,CAAC;IAuBjC,eAAe,IAAI,IAAI;IAKjB,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC;CAQ1C"}

package/dist/auth/msal-auth-provider.js ADDED Viewed

@@ -0,0 +1,62 @@
+import { ConfidentialClientApplication } from '@azure/msal-node';
+export class MsalAuthProvider {
+    environmentUrl;
+    msalApp;
+    scope;
+    cachedToken = null;
+    tokenExpiresAt = null;
+    constructor(config) {
+        this.environmentUrl = config.environmentUrl;
+        if (!config.tenantId) {
+            throw new Error('MsalAuthProvider requires config.tenantId for client_credentials flow');
+        }
+        if (!config.clientId) {
+            throw new Error('MsalAuthProvider requires config.clientId for client_credentials flow');
+        }
+        if (!config.clientSecret) {
+            throw new Error('MsalAuthProvider requires config.clientSecret for client_credentials flow');
+        }
+        this.msalApp = new ConfidentialClientApplication({
+            auth: {
+                clientId: config.clientId,
+                clientSecret: config.clientSecret,
+                authority: `https://login.microsoftonline.com/${config.tenantId}`,
+            },
+        });
+        // Scope for Dataverse client_credentials: <environmentUrl>/.default
+        const baseUrl = config.environmentUrl.replace(/\/$/, '');
+        this.scope = `${baseUrl}/.default`;
+    }
+    async getToken() {
+        // Return cached token if still valid (60-second buffer before expiry)
+        if (this.cachedToken !== null && this.tokenExpiresAt !== null && new Date() < this.tokenExpiresAt) {
+            return this.cachedToken;
+        }
+        const result = await this.msalApp.acquireTokenByClientCredential({
+            scopes: [this.scope],
+        });
+        if (result === null || !result.accessToken) {
+            throw new Error('MSAL: acquireTokenByClientCredential returned no access token');
+        }
+        this.cachedToken = result.accessToken;
+        // Subtract 60 seconds from expiry to avoid using a token that is about to expire
+        this.tokenExpiresAt = result.expiresOn
+            ? new Date(result.expiresOn.getTime() - 60_000)
+            : new Date(Date.now() + 3_540_000); // fallback: 59 minutes
+        return this.cachedToken;
+    }
+    invalidateToken() {
+        this.cachedToken = null;
+        this.tokenExpiresAt = null;
+    }
+    async isAuthenticated() {
+        try {
+            await this.getToken();
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+}
+//# sourceMappingURL=msal-auth-provider.js.map

package/dist/auth/msal-auth-provider.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"msal-auth-provider.js","sourceRoot":"","sources":["../../src/auth/msal-auth-provider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,6BAA6B,EAAE,MAAM,kBAAkB,CAAC;AAIjE,MAAM,OAAO,gBAAgB;IAClB,cAAc,CAAS;IACf,OAAO,CAAgC;IACvC,KAAK,CAAS;IACvB,WAAW,GAAkB,IAAI,CAAC;IAClC,cAAc,GAAgB,IAAI,CAAC;IAE3C,YAAY,MAAc;QACxB,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC;QAE5C,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CAAC,uEAAuE,CAAC,CAAC;QAC3F,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CAAC,uEAAuE,CAAC,CAAC;QAC3F,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,2EAA2E,CAAC,CAAC;QAC/F,CAAC;QAED,IAAI,CAAC,OAAO,GAAG,IAAI,6BAA6B,CAAC;YAC/C,IAAI,EAAE;gBACJ,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,YAAY,EAAE,MAAM,CAAC,YAAY;gBACjC,SAAS,EAAE,qCAAqC,MAAM,CAAC,QAAQ,EAAE;aAClE;SACF,CAAC,CAAC;QAEH,oEAAoE;QACpE,MAAM,OAAO,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACzD,IAAI,CAAC,KAAK,GAAG,GAAG,OAAO,WAAW,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,QAAQ;QACZ,sEAAsE;QACtE,IAAI,IAAI,CAAC,WAAW,KAAK,IAAI,IAAI,IAAI,CAAC,cAAc,KAAK,IAAI,IAAI,IAAI,IAAI,EAAE,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;YAClG,OAAO,IAAI,CAAC,WAAW,CAAC;QAC1B,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,8BAA8B,CAAC;YAC/D,MAAM,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC;SACrB,CAAC,CAAC;QAEH,IAAI,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAC3C,MAAM,IAAI,KAAK,CAAC,+DAA+D,CAAC,CAAC;QACnF,CAAC;QAED,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;QACtC,iFAAiF;QACjF,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,SAAS;YACpC,CAAC,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,GAAG,MAAM,CAAC;YAC/C,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC,CAAC,uBAAuB;QAE7D,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED,eAAe;QACb,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QACxB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;IAC7B,CAAC;IAED,KAAK,CAAC,eAAe;QACnB,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;YACtB,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;CACF"}

package/dist/auth/pac-auth-provider.d.ts ADDED Viewed

@@ -0,0 +1,19 @@
+import type { AuthProvider } from './auth-provider.interface.js';
+export declare class PacAuthProvider implements AuthProvider {
+    readonly environmentUrl: string;
+    private readonly pca;
+    private cachedToken;
+    private tokenExpiresAt;
+    constructor(environmentUrl: string);
+    getToken(): Promise<string>;
+    invalidateToken(): void;
+    isAuthenticated(): Promise<boolean>;
+    /**
+     * Interactive device code flow — call once via `npm run auth:setup`.
+     * Writes to stderr so it doesn't disturb the stdio MCP transport.
+     */
+    setupViaDeviceCode(): Promise<void>;
+    private refreshToken;
+    private cacheResult;
+}
+//# sourceMappingURL=pac-auth-provider.d.ts.map

package/dist/auth/pac-auth-provider.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"pac-auth-provider.d.ts","sourceRoot":"","sources":["../../src/auth/pac-auth-provider.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAwEjE,qBAAa,eAAgB,YAAW,YAAY;IAClD,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAA0B;IAC9C,OAAO,CAAC,WAAW,CAAuB;IAC1C,OAAO,CAAC,cAAc,CAAa;gBAEvB,cAAc,EAAE,MAAM;IAY5B,QAAQ,IAAI,OAAO,CAAC,MAAM,CAAC;IAQjC,eAAe,IAAI,IAAI;IAKjB,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC;IASzC;;;OAGG;IACG,kBAAkB,IAAI,OAAO,CAAC,IAAI,CAAC;YAY3B,YAAY;IAiC1B,OAAO,CAAC,WAAW;CAIpB"}

package/dist/auth/pac-auth-provider.js ADDED Viewed

@@ -0,0 +1,153 @@
+import { PublicClientApplication, } from '@azure/msal-node';
+import { existsSync, readFileSync, writeFileSync } from 'fs';
+import { join } from 'path';
+import { createCipheriv, createDecipheriv, createHash, randomBytes } from 'crypto';
+// Microsoft Power Platform CLI App ID — public client, no app registration needed
+const PLATFORM_CLIENT_ID = '1950a258-227b-4e31-a9cf-717495945fc2';
+const TOKEN_CACHE_FILE = join(process.cwd(), '.msal-cache.json');
+/**
+ * Derives a machine+user-scoped encryption key.
+ * Not a substitute for OS-level credential storage (DPAPI/keytar), but prevents
+ * the cache file from being directly readable as plaintext by other processes.
+ */
+function getDerivedKey() {
+    const seed = [
+        process.env['COMPUTERNAME'] ?? process.env['HOSTNAME'] ?? '',
+        process.env['USERNAME'] ?? process.env['USER'] ?? '',
+        'mcp-dataverse-cache-v1',
+    ].join('.');
+    return createHash('sha256').update(seed).digest();
+}
+function encryptForDisk(plaintext) {
+    const key = getDerivedKey();
+    const iv = randomBytes(16);
+    const cipher = createCipheriv('aes-256-gcm', key, iv);
+    const encrypted = Buffer.concat([cipher.update(plaintext, 'utf-8'), cipher.final()]);
+    return JSON.stringify({
+        v: 1,
+        iv: iv.toString('hex'),
+        tag: cipher.getAuthTag().toString('hex'),
+        d: encrypted.toString('hex'),
+    });
+}
+function decryptFromDisk(raw) {
+    const parsed = JSON.parse(raw);
+    if (parsed['v'] !== 1)
+        throw new Error('Unknown cache format version');
+    const iv = Buffer.from(parsed['iv'], 'hex');
+    const tag = Buffer.from(parsed['tag'], 'hex');
+    const encrypted = Buffer.from(parsed['d'], 'hex');
+    const decipher = createDecipheriv('aes-256-gcm', getDerivedKey(), iv);
+    decipher.setAuthTag(tag);
+    return decipher.update(encrypted).toString('utf-8') + decipher.final('utf-8');
+}
+function createCachePlugin() {
+    return {
+        beforeCacheAccess: async (cacheContext) => {
+            if (existsSync(TOKEN_CACHE_FILE)) {
+                try {
+                    const raw = readFileSync(TOKEN_CACHE_FILE, 'utf-8');
+                    // Support both encrypted (v1) and legacy plaintext caches
+                    let serialized;
+                    try {
+                        serialized = decryptFromDisk(raw);
+                    }
+                    catch {
+                        // Legacy plaintext — accept for migration, will be re-written encrypted
+                        serialized = raw;
+                    }
+                    cacheContext.tokenCache.deserialize(serialized);
+                }
+                catch {
+                    // Corrupt cache — ignore, user will need to re-authenticate
+                }
+            }
+        },
+        afterCacheAccess: async (cacheContext) => {
+            if (cacheContext.cacheHasChanged) {
+                writeFileSync(TOKEN_CACHE_FILE, encryptForDisk(cacheContext.tokenCache.serialize()), { encoding: 'utf-8', mode: 0o600 });
+            }
+        },
+    };
+}
+export class PacAuthProvider {
+    environmentUrl;
+    pca;
+    cachedToken = null;
+    tokenExpiresAt = 0;
+    constructor(environmentUrl) {
+        this.environmentUrl = environmentUrl.replace(/\/$/, '');
+        this.pca = new PublicClientApplication({
+            auth: {
+                clientId: PLATFORM_CLIENT_ID,
+                authority: 'https://login.microsoftonline.com/common',
+            },
+            cache: { cachePlugin: createCachePlugin() },
+        });
+    }
+    async getToken() {
+        const now = Date.now();
+        if (this.cachedToken !== null && this.tokenExpiresAt > now + 60_000) {
+            return this.cachedToken;
+        }
+        return this.refreshToken();
+    }
+    invalidateToken() {
+        this.cachedToken = null;
+        this.tokenExpiresAt = 0;
+    }
+    async isAuthenticated() {
+        try {
+            await this.getToken();
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Interactive device code flow — call once via `npm run auth:setup`.
+     * Writes to stderr so it doesn't disturb the stdio MCP transport.
+     */
+    async setupViaDeviceCode() {
+        const result = await this.pca.acquireTokenByDeviceCode({
+            scopes: [`${this.environmentUrl}/.default`],
+            deviceCodeCallback: (response) => {
+                process.stderr.write(`\n${response.message}\n`);
+            },
+        });
+        if (result) {
+            this.cacheResult(result);
+        }
+    }
+    async refreshToken() {
+        const accounts = await this.pca.getAllAccounts();
+        if (accounts.length === 0) {
+            throw new Error('No authenticated account found.\n' +
+                'Run once: npm run auth:setup\n' +
+                'Then restart the server.');
+        }
+        try {
+            const result = await this.pca.acquireTokenSilent({
+                scopes: [`${this.environmentUrl}/.default`],
+                account: accounts[0],
+            });
+            if (!result?.accessToken) {
+                throw new Error('Silent token acquisition returned empty token');
+            }
+            this.cacheResult(result);
+            return result.accessToken;
+        }
+        catch {
+            this.cachedToken = null;
+            throw new Error('Token refresh failed. Re-authenticate:\n' +
+                'npm run auth:setup\n' +
+                'Then restart the server.');
+        }
+    }
+    cacheResult(result) {
+        this.cachedToken = result.accessToken;
+        this.tokenExpiresAt = result.expiresOn?.getTime() ?? (Date.now() + 55 * 60 * 1000);
+    }
+}
+//# sourceMappingURL=pac-auth-provider.js.map

package/dist/auth/pac-auth-provider.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"pac-auth-provider.js","sourceRoot":"","sources":["../../src/auth/pac-auth-provider.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,uBAAuB,GAIxB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,IAAI,CAAC;AAC7D,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAC;AAGnF,kFAAkF;AAClF,MAAM,kBAAkB,GAAG,sCAAsC,CAAC;AAClE,MAAM,gBAAgB,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,kBAAkB,CAAC,CAAC;AAEjE;;;;GAIG;AACH,SAAS,aAAa;IACpB,MAAM,IAAI,GAAG;QACX,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,EAAE;QAC5D,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE;QACpD,wBAAwB;KACzB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACZ,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC;AACpD,CAAC;AAED,SAAS,cAAc,CAAC,SAAiB;IACvC,MAAM,GAAG,GAAG,aAAa,EAAE,CAAC;IAC5B,MAAM,EAAE,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;IAC3B,MAAM,MAAM,GAAG,cAAc,CAAC,aAAa,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IACtD,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IACrF,OAAO,IAAI,CAAC,SAAS,CAAC;QACpB,CAAC,EAAE,CAAC;QACJ,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC;QACtB,GAAG,EAAE,MAAM,CAAC,UAAU,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC;QACxC,CAAC,EAAE,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC;KAC7B,CAAC,CAAC;AACL,CAAC;AAED,SAAS,eAAe,CAAC,GAAW;IAClC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAA4B,CAAC;IAC1D,IAAI,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IACvE,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAW,EAAE,KAAK,CAAC,CAAC;IACtD,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAW,EAAE,KAAK,CAAC,CAAC;IACxD,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAW,EAAE,KAAK,CAAC,CAAC;IAC5D,MAAM,QAAQ,GAAG,gBAAgB,CAAC,aAAa,EAAE,aAAa,EAAE,EAAE,EAAE,CAAC,CAAC;IACtE,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IACzB,OAAO,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;AAChF,CAAC;AAED,SAAS,iBAAiB;IACxB,OAAO;QACL,iBAAiB,EAAE,KAAK,EAAE,YAA+B,EAAE,EAAE;YAC3D,IAAI,UAAU,CAAC,gBAAgB,CAAC,EAAE,CAAC;gBACjC,IAAI,CAAC;oBACH,MAAM,GAAG,GAAG,YAAY,CAAC,gBAAgB,EAAE,OAAO,CAAC,CAAC;oBACpD,0DAA0D;oBAC1D,IAAI,UAAkB,CAAC;oBACvB,IAAI,CAAC;wBACH,UAAU,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;oBACpC,CAAC;oBAAC,MAAM,CAAC;wBACP,wEAAwE;wBACxE,UAAU,GAAG,GAAG,CAAC;oBACnB,CAAC;oBACD,YAAY,CAAC,UAAU,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;gBAClD,CAAC;gBAAC,MAAM,CAAC;oBACP,4DAA4D;gBAC9D,CAAC;YACH,CAAC;QACH,CAAC;QACD,gBAAgB,EAAE,KAAK,EAAE,YAA+B,EAAE,EAAE;YAC1D,IAAI,YAAY,CAAC,eAAe,EAAE,CAAC;gBACjC,aAAa,CAAC,gBAAgB,EAAE,cAAc,CAAC,YAAY,CAAC,UAAU,CAAC,SAAS,EAAE,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;YAC3H,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC;AAED,MAAM,OAAO,eAAe;IACjB,cAAc,CAAS;IACf,GAAG,CAA0B;IACtC,WAAW,GAAkB,IAAI,CAAC;IAClC,cAAc,GAAW,CAAC,CAAC;IAEnC,YAAY,cAAsB;QAChC,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAExD,IAAI,CAAC,GAAG,GAAG,IAAI,uBAAuB,CAAC;YACrC,IAAI,EAAE;gBACJ,QAAQ,EAAE,kBAAkB;gBAC5B,SAAS,EAAE,0CAA0C;aACtD;YACD,KAAK,EAAE,EAAE,WAAW,EAAE,iBAAiB,EAAE,EAAE;SAC5C,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,QAAQ;QACZ,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,IAAI,IAAI,CAAC,WAAW,KAAK,IAAI,IAAI,IAAI,CAAC,cAAc,GAAG,GAAG,GAAG,MAAM,EAAE,CAAC;YACpE,OAAO,IAAI,CAAC,WAAW,CAAC;QAC1B,CAAC;QACD,OAAO,IAAI,CAAC,YAAY,EAAE,CAAC;IAC7B,CAAC;IAED,eAAe;QACb,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QACxB,IAAI,CAAC,cAAc,GAAG,CAAC,CAAC;IAC1B,CAAC;IAED,KAAK,CAAC,eAAe;QACnB,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;YACtB,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,kBAAkB;QACtB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,wBAAwB,CAAC;YACrD,MAAM,EAAE,CAAC,GAAG,IAAI,CAAC,cAAc,WAAW,CAAC;YAC3C,kBAAkB,EAAE,CAAC,QAAQ,EAAE,EAAE;gBAC/B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,QAAQ,CAAC,OAAO,IAAI,CAAC,CAAC;YAClD,CAAC;SACF,CAAC,CAAC;QACH,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,YAAY;QACxB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC;QAEjD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CACb,mCAAmC;gBACjC,gCAAgC;gBAChC,0BAA0B,CAC7B,CAAC;QACJ,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC;gBAC/C,MAAM,EAAE,CAAC,GAAG,IAAI,CAAC,cAAc,WAAW,CAAC;gBAC3C,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAE;aACtB,CAAC,CAAC;YAEH,IAAI,CAAC,MAAM,EAAE,WAAW,EAAE,CAAC;gBACzB,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YAED,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YACzB,OAAO,MAAM,CAAC,WAAW,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;YACxB,MAAM,IAAI,KAAK,CACb,0CAA0C;gBACxC,sBAAsB;gBACtB,0BAA0B,CAC7B,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,WAAW,CAAC,MAA4B;QAC9C,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;QACtC,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IACrF,CAAC;CACF"}

package/dist/config/config.loader.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import { type Config } from './config.schema.js';
+export declare function loadConfig(): Config;
+//# sourceMappingURL=config.loader.d.ts.map

package/dist/config/config.loader.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"config.loader.d.ts","sourceRoot":"","sources":["../../src/config/config.loader.ts"],"names":[],"mappings":"AAEA,OAAO,EAAgB,KAAK,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAI/D,wBAAgB,UAAU,IAAI,MAAM,CAqDnC"}