mcp-db-analyzer 0.2.6 → 0.2.8

package/README.md

@@ -21,6 +21,19 @@ Other analytical MCP servers (CrystalDBA, pg-dash, MCP-PostgreSQL-Ops) cover Pos
 - **Markdown output** optimized for LLM consumption
 - **Zero configuration** — just set `DATABASE_URL`
 
+## Pro Tier
+
+**Generate exportable diagnostic reports (HTML + PDF)** with a Pro license key.
+
+- Full JVM thread dump analysis report with actionable recommendations
+- PDF export for sharing with your team
+- Priority support
+
+<!-- TODO: replace placeholder Stripe Payment Link once STRIPE_SECRET_KEY is configured -->
+**$9.99/month** — [Get Pro License](https://buy.stripe.com/PLACEHOLDER)
+
+Pro license key activates the `generate_report` MCP tool in mcp-jvm-diagnostics.
+
 ## Installation
 
 ```bash

package/build/analyzers/connections.js

@@ -63,7 +63,7 @@ async function analyzePostgresConnections() {
         lines.push("| PID | User | Duration | Query |");
         lines.push("|-----|------|----------|-------|");
         for (const row of idleTxn.rows) {
-            lines.push(`| ${row.pid} | ${row.usename} | ${row.duration} | ${row.query} |`);
+            lines.push(`| ${row.pid} | ${row.usename} | ${row.duration} | ${row.query.replace(/\|/g, "\\|")} |`);
         }
         lines.push("");
     }
@@ -83,7 +83,7 @@ async function analyzePostgresConnections() {
         lines.push("| PID | User | Duration | Wait | Query |");
         lines.push("|-----|------|----------|------|-------|");
         for (const row of longQueries.rows) {
-            lines.push(`| ${row.pid} | ${row.usename} | ${row.duration} | ${row.wait_event_type || "-"} | ${row.query} |`);
+            lines.push(`| ${row.pid} | ${row.usename} | ${row.duration} | ${row.wait_event_type || "-"} | ${row.query.replace(/\|/g, "\\|")} |`);
         }
         lines.push("");
     }
@@ -112,7 +112,7 @@ async function analyzePostgresConnections() {
         lines.push("| Blocked PID | Blocking PID | Blocked Query | Blocking Query |");
         lines.push("|-------------|--------------|---------------|----------------|");
         for (const row of blocked.rows) {
-            lines.push(`| ${row.blocked_pid} | ${row.blocking_pid} | ${row.blocked_query} | ${row.blocking_query} |`);
+            lines.push(`| ${row.blocked_pid} | ${row.blocking_pid} | ${row.blocked_query.replace(/\|/g, "\\|")} | ${row.blocking_query.replace(/\|/g, "\\|")} |`);
         }
         lines.push("");
     }
@@ -172,7 +172,8 @@ async function analyzeMysqlConnections() {
         lines.push("| ID | User | Duration (s) | State | Query |");
         lines.push("|-----|------|-------------|-------|-------|");
         for (const row of longQueries.rows) {
-            lines.push(`| ${row.id} | ${row.user} | ${row.time} | ${row.state} | ${row.info} |`);
+            const info = row.info ? row.info.replace(/\|/g, "\\|") : "-";
+            lines.push(`| ${row.id} | ${row.user} | ${row.time} | ${row.state} | ${info} |`);
         }
         lines.push("");
     }

package/build/analyzers/query.js

@@ -237,14 +237,19 @@ function collectWarnings(node) {
     if (node["Sort Method"] === "external merge") {
         warnings.push(`**Disk sort** detected. Increase \`work_mem\` or add an index to avoid sorting.`);
     }
-    // Stale statistics: actual rows deviate significantly from planner estimate
-    if (node["Actual Rows"] !== undefined &&
-        node["Plan Rows"] > 0 &&
-        node["Actual Rows"] > 0) {
-        const ratio = node["Actual Rows"] / node["Plan Rows"];
-        if (ratio > 10 || ratio < 0.1) {
-            const relation = node["Relation Name"] ?? node["Node Type"];
-            warnings.push(`**Stale statistics** on \`${relation}\`: planner estimated ${node["Plan Rows"]} rows but got ${node["Actual Rows"]} (${ratio > 1 ? ratio.toFixed(0) + "× over" : (1 / ratio).toFixed(0) + "× under"}estimate). Run \`ANALYZE ${node["Relation Name"] ?? ""}\` to refresh table statistics.`);
+    // Stale statistics: actual rows deviate significantly from planner estimate.
+    // Handle Plan Rows = 0 separately — the planner expected an empty result but
+    // got rows, which is the most misleading case for query planning.
+    if (node["Actual Rows"] !== undefined) {
+        const relation = node["Relation Name"] ?? node["Node Type"];
+        if (node["Plan Rows"] === 0 && node["Actual Rows"] > 0) {
+            warnings.push(`**Stale statistics** on \`${relation}\`: planner estimated 0 rows but got ${node["Actual Rows"]}. Run \`ANALYZE ${node["Relation Name"] ?? ""}\` to refresh table statistics.`);
+        }
+        else if (node["Plan Rows"] > 0 && node["Actual Rows"] > 0) {
+            const ratio = node["Actual Rows"] / node["Plan Rows"];
+            if (ratio > 10 || ratio < 0.1) {
+                warnings.push(`**Stale statistics** on \`${relation}\`: planner estimated ${node["Plan Rows"]} rows but got ${node["Actual Rows"]} (${ratio > 1 ? ratio.toFixed(0) + "× over" : (1 / ratio).toFixed(0) + "× under"}estimate). Run \`ANALYZE ${node["Relation Name"] ?? ""}\` to refresh table statistics.`);
+            }
         }
     }
     if (node.Plans) {

package/build/db-mysql.js

@@ -49,7 +49,13 @@ export function createMysqlAdapter() {
                     return { rows: rows };
                 }
                 catch (err) {
-                    await conn.rollback();
+                    try {
+                        await conn.rollback();
+                    }
+                    catch {
+                        // Transaction may not have started (e.g. beginTransaction threw);
+                        // suppress the secondary error so the original cause is preserved.
+                    }
                     throw err;
                 }
             }

package/build/db-sqlite.js

@@ -11,6 +11,9 @@ export function createSqliteAdapter() {
             }
             db = new Database(dbPath, { readonly: true });
             db.pragma("journal_mode = WAL");
+            // Enforce read-only at the SQL engine level, not just at the file level.
+            // This prevents any write attempt from succeeding even if the OS permits it.
+            db.pragma("query_only = ON");
         }
         return db;
     }

package/build/errors.js

@@ -4,7 +4,11 @@
  */
 export function formatToolError(context, err) {
     const msg = err instanceof Error ? err.message : String(err);
-    const sanitized = msg.replace(/\/\/[^@]+@/g, "//****:****@");
+    // Sanitize URL-style credentials (postgresql://user:pass@host) and
+    // key-value style passwords (password=secret) used by libpq and JDBC.
+    const sanitized = msg
+        .replace(/\/\/[^@]+@/g, "//****:****@")
+        .replace(/\bpassword\s*=\s*\S+/gi, "password=****");
     const isConnectionError = /ECONNREFUSED|ENOTFOUND|ETIMEDOUT|EHOSTUNREACH|getaddrinfo|connect ECONNRESET|password authentication failed|Access denied|no pg_hba\.conf|connection refused|Connection lost|SQLITE_CANTOPEN/i.test(msg);
     if (isConnectionError) {
         return `Error ${context}: ${sanitized}\n\nThis looks like a database connection issue. Check your configuration:\n- Set DATABASE_URL environment variable with a valid connection string\n- Or use driver-specific variables (PGHOST, MYSQL_HOST, SQLITE_PATH)\n- Ensure the database server is running and accessible`;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mcp-db-analyzer",
-  "version": "0.2.6",
+  "version": "0.2.8",
   "description": "MCP server for PostgreSQL, MySQL, and SQLite schema analysis, index optimization, and query plan inspection",
   "mcpName": "io.github.dmitriusan/mcp-db-analyzer",
   "author": "Dmytro Lisnichenko",