mcp-ts-template 1.2.2 → 1.2.3

package/README.md

@@ -3,7 +3,7 @@
 [![TypeScript](https://img.shields.io/badge/TypeScript-^5.8.3-blue.svg)](https://www.typescriptlang.org/)
 [![Model Context Protocol SDK](https://img.shields.io/badge/MCP%20SDK-1.11.4-green.svg)](https://github.com/modelcontextprotocol/typescript-sdk)
 [![MCP Spec Version](https://img.shields.io/badge/MCP%20Spec-2025--03--26-lightgrey.svg)](https://github.com/modelcontextprotocol/modelcontextprotocol/blob/main/docs/specification/2025-03-26/changelog.mdx)
-[![Version](https://img.shields.io/badge/Version-1.2.2-blue.svg)](./CHANGELOG.md)
+[![Version](https://img.shields.io/badge/Version-1.2.3-blue.svg)](./CHANGELOG.md)
 [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
 [![Status](https://img.shields.io/badge/Status-Stable-green.svg)](https://github.com/cyanheads/mcp-ts-template/issues)
 [![GitHub](https://img.shields.io/github/stars/cyanheads/mcp-ts-template?style=social)](https://github.com/cyanheads/mcp-ts-template)

package/dist/config/index.d.ts

@@ -12,7 +12,7 @@
  * - Construct and export a comprehensive `config` object.
  * - Export individual configuration values like `logLevel` and `environment` for convenience.
  *
- * @module config/index
+ * @module src/config/index
  */
 /**
  * Main application configuration object.

package/dist/config/index.js

@@ -12,7 +12,7 @@
  * - Construct and export a comprehensive `config` object.
  * - Export individual configuration values like `logLevel` and `environment` for convenience.
  *
- * @module config/index
+ * @module src/config/index
  */
 import dotenv from "dotenv";
 import { readFileSync } from "fs";

package/dist/mcp-client/client.js

@@ -302,8 +302,8 @@ export async function disconnectAllMcpClients(parentContext) {
                 error: result.reason instanceof Error
                     ? result.reason.message
                     : String(result.reason), // Get the error message
-                stack: // Include stack trace if available
-                result.reason instanceof Error ? result.reason.stack : undefined,
+                // Include stack trace if available
+                stack: result.reason instanceof Error ? result.reason.stack : undefined,
             });
         }
         else {

package/dist/mcp-server/resources/echoResource/echoResourceLogic.d.ts

@@ -4,7 +4,7 @@
  * and the main processing function that constructs the resource response.
  * The echo resource is designed to return a message, typically extracted from the
  * request URI's path or query parameters, along with a timestamp.
- * @module mcp-server/resources/echoResource/echoResourceLogic
+ * @module src/mcp-server/resources/echoResource/echoResourceLogic
  */
 import { z } from "zod";
 import { type RequestContext } from "../../../utils/index.js";

package/dist/mcp-server/resources/echoResource/echoResourceLogic.js

@@ -4,7 +4,7 @@
  * and the main processing function that constructs the resource response.
  * The echo resource is designed to return a message, typically extracted from the
  * request URI's path or query parameters, along with a timestamp.
- * @module mcp-server/resources/echoResource/echoResourceLogic
+ * @module src/mcp-server/resources/echoResource/echoResourceLogic
  */
 import { z } from "zod";
 import { logger } from "../../../utils/index.js";

package/dist/mcp-server/resources/echoResource/index.d.ts

@@ -8,6 +8,6 @@
  *
  * Consuming modules should import from this barrel file to access
  * the echo resource's registration capabilities.
- * @module mcp-server/resources/echoResource/index
+ * @module src/mcp-server/resources/echoResource/index
  */
 export { registerEchoResource } from "./registration.js";

package/dist/mcp-server/resources/echoResource/index.js

@@ -8,6 +8,6 @@
  *
  * Consuming modules should import from this barrel file to access
  * the echo resource's registration capabilities.
- * @module mcp-server/resources/echoResource/index
+ * @module src/mcp-server/resources/echoResource/index
  */
 export { registerEchoResource } from "./registration.js";

package/dist/mcp-server/resources/echoResource/registration.d.ts

@@ -4,7 +4,7 @@
  * and the asynchronous handler function that processes `resources/read` requests matching the template.
  * It utilizes the MCP SDK's `server.resource()` method for registration and integrates
  * robust error handling using the project's `ErrorHandler` utility.
- * @module mcp-server/resources/echoResource/registration
+ * @module src/mcp-server/resources/echoResource/registration
  */
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 /**

package/dist/mcp-server/resources/echoResource/registration.js

@@ -4,7 +4,7 @@
  * and the asynchronous handler function that processes `resources/read` requests matching the template.
  * It utilizes the MCP SDK's `server.resource()` method for registration and integrates
  * robust error handling using the project's `ErrorHandler` utility.
- * @module mcp-server/resources/echoResource/registration
+ * @module src/mcp-server/resources/echoResource/registration
  */
 import { ResourceTemplate, } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { BaseErrorCode, McpError } from "../../../types-global/errors.js";

package/dist/mcp-server/server.d.ts

@@ -11,7 +11,7 @@
  * - Lifecycle: https://github.com/modelcontextprotocol/modelcontextprotocol/blob/main/docs/specification/2025-03-26/basic/lifecycle.mdx
  * - Overview (Capabilities): https://github.com/modelcontextprotocol/modelcontextprotocol/blob/main/docs/specification/2025-03-26/basic/index.mdx
  * - Transports: https://github.com/modelcontextprotocol/modelcontextprotocol/blob/main/docs/specification/2025-03-26/basic/transports.mdx
- * @module mcp-server/server
+ * @module src/mcp-server/server
  */
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 /**

package/dist/mcp-server/server.js

@@ -11,7 +11,7 @@
  * - Lifecycle: https://github.com/modelcontextprotocol/modelcontextprotocol/blob/main/docs/specification/2025-03-26/basic/lifecycle.mdx
  * - Overview (Capabilities): https://github.com/modelcontextprotocol/modelcontextprotocol/blob/main/docs/specification/2025-03-26/basic/index.mdx
  * - Transports: https://github.com/modelcontextprotocol/modelcontextprotocol/blob/main/docs/specification/2025-03-26/basic/transports.mdx
- * @module mcp-server/server
+ * @module src/mcp-server/server
  */
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { config, environment } from "../config/index.js";

package/dist/mcp-server/tools/echoTool/echoToolLogic.d.ts

@@ -2,7 +2,7 @@
  * @fileoverview Defines the core logic, schemas, and types for the `echo_message` tool.
  * This module includes input validation using Zod, type definitions for input and output,
  * and the main processing function that handles message formatting and repetition.
- * @module mcp-server/tools/echoTool/echoToolLogic
+ * @module src/mcp-server/tools/echoTool/echoToolLogic
  */
 import { z } from "zod";
 import { type RequestContext } from "../../../utils/index.js";

package/dist/mcp-server/tools/echoTool/echoToolLogic.js

@@ -2,7 +2,7 @@
  * @fileoverview Defines the core logic, schemas, and types for the `echo_message` tool.
  * This module includes input validation using Zod, type definitions for input and output,
  * and the main processing function that handles message formatting and repetition.
- * @module mcp-server/tools/echoTool/echoToolLogic
+ * @module src/mcp-server/tools/echoTool/echoToolLogic
  */
 import { z } from "zod";
 import { logger } from "../../../utils/index.js";

package/dist/mcp-server/tools/echoTool/index.d.ts

@@ -7,6 +7,6 @@
  *
  * Consuming modules should import from this barrel file to access
  * the echo tool's registration capabilities.
- * @module mcp-server/tools/echoTool/index
+ * @module src/mcp-server/tools/echoTool/index
  */
 export { registerEchoTool } from "./registration.js";

package/dist/mcp-server/tools/echoTool/index.js

@@ -7,6 +7,6 @@
  *
  * Consuming modules should import from this barrel file to access
  * the echo tool's registration capabilities.
- * @module mcp-server/tools/echoTool/index
+ * @module src/mcp-server/tools/echoTool/index
  */
 export { registerEchoTool } from "./registration.js";

package/dist/mcp-server/tools/echoTool/registration.d.ts

@@ -4,7 +4,7 @@
  * and the asynchronous handler function that processes tool invocation requests.
  * It leverages the MCP SDK's `server.tool()` method for registration and integrates
  * robust error handling using the project's `ErrorHandler` utility.
- * @module mcp-server/tools/echoTool/registration
+ * @module src/mcp-server/tools/echoTool/registration
  */
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 /**

package/dist/mcp-server/tools/echoTool/registration.js

@@ -4,7 +4,7 @@
  * and the asynchronous handler function that processes tool invocation requests.
  * It leverages the MCP SDK's `server.tool()` method for registration and integrates
  * robust error handling using the project's `ErrorHandler` utility.
- * @module mcp-server/tools/echoTool/registration
+ * @module src/mcp-server/tools/echoTool/registration
  */
 import { BaseErrorCode, McpError } from "../../../types-global/errors.js";
 import { ErrorHandler, logger, requestContextService, } from "../../../utils/index.js";

package/dist/mcp-server/transports/authentication/authMiddleware.d.ts

@@ -11,7 +11,7 @@
  * If the token is missing, invalid, or expired, it sends an HTTP 401 Unauthorized response.
  *
  * @see {@link https://github.com/modelcontextprotocol/modelcontextprotocol/blob/main/docs/specification/2025-03-26/basic/authorization.mdx | MCP Authorization Specification}
- * @module mcp-server/transports/authentication/authMiddleware
+ * @module src/mcp-server/transports/authentication/authMiddleware
  */
 import { NextFunction, Request, Response } from "express";
 import { AuthInfo } from "@modelcontextprotocol/sdk/server/auth/types.js";

package/dist/mcp-server/transports/authentication/authMiddleware.js

@@ -11,7 +11,7 @@
  * If the token is missing, invalid, or expired, it sends an HTTP 401 Unauthorized response.
  *
  * @see {@link https://github.com/modelcontextprotocol/modelcontextprotocol/blob/main/docs/specification/2025-03-26/basic/authorization.mdx | MCP Authorization Specification}
- * @module mcp-server/transports/authentication/authMiddleware
+ * @module src/mcp-server/transports/authentication/authMiddleware
  */
 import jwt from "jsonwebtoken";
 import { config, environment } from "../../../config/index.js";
@@ -45,7 +45,10 @@ export function mcpAuthMiddleware(req, res, next) {
                 scopes: ["dev-scope"],
             };
             // Log dev mode details separately, not attaching to req.auth if not part of AuthInfo
-            logger.debug("Dev mode auth object created.", { ...context, authDetails: req.auth });
+            logger.debug("Dev mode auth object created.", {
+                ...context,
+                authDetails: req.auth,
+            });
             return next();
         }
         else {
@@ -67,7 +70,9 @@ export function mcpAuthMiddleware(req, res, next) {
     const tokenParts = authHeader.split(" ");
     if (tokenParts.length !== 2 || tokenParts[0] !== "Bearer" || !tokenParts[1]) {
         logger.warning("Authentication failed: Malformed Bearer token.", context);
-        res.status(401).json({ error: "Unauthorized: Malformed authentication token." });
+        res
+            .status(401)
+            .json({ error: "Unauthorized: Malformed authentication token." });
         return;
     }
     const rawToken = tokenParts[1];
@@ -75,26 +80,37 @@ export function mcpAuthMiddleware(req, res, next) {
         const decoded = jwt.verify(rawToken, config.mcpAuthSecretKey);
         if (typeof decoded === "string") {
             logger.warning("Authentication failed: JWT decoded to a string, expected an object payload.", context);
-            res.status(401).json({ error: "Unauthorized: Invalid token payload format." });
+            res
+                .status(401)
+                .json({ error: "Unauthorized: Invalid token payload format." });
             return;
         }
         // Extract and validate fields for SDK's AuthInfo
-        const clientIdFromToken = typeof decoded.cid === 'string' ? decoded.cid : (typeof decoded.client_id === 'string' ? decoded.client_id : undefined);
+        const clientIdFromToken = typeof decoded.cid === "string"
+            ? decoded.cid
+            : typeof decoded.client_id === "string"
+                ? decoded.client_id
+                : undefined;
         if (!clientIdFromToken) {
             logger.warning("Authentication failed: JWT 'cid' or 'client_id' claim is missing or not a string.", { ...context, jwtPayloadKeys: Object.keys(decoded) });
-            res.status(401).json({ error: "Unauthorized: Invalid token, missing client identifier." });
+            res.status(401).json({
+                error: "Unauthorized: Invalid token, missing client identifier.",
+            });
             return;
         }
         let scopesFromToken;
-        if (Array.isArray(decoded.scp) && decoded.scp.every(s => typeof s === 'string')) {
+        if (Array.isArray(decoded.scp) &&
+            decoded.scp.every((s) => typeof s === "string")) {
             scopesFromToken = decoded.scp;
         }
-        else if (typeof decoded.scope === 'string' && decoded.scope.trim() !== '') {
-            scopesFromToken = decoded.scope.split(' ').filter(s => s);
-            if (scopesFromToken.length === 0 && decoded.scope.trim() !== '') { // handles case " " -> [""]
+        else if (typeof decoded.scope === "string" &&
+            decoded.scope.trim() !== "") {
+            scopesFromToken = decoded.scope.split(" ").filter((s) => s);
+            if (scopesFromToken.length === 0 && decoded.scope.trim() !== "") {
+                // handles case " " -> [""]
                 scopesFromToken = [decoded.scope.trim()];
             }
-            else if (scopesFromToken.length === 0 && decoded.scope.trim() === '') {
+            else if (scopesFromToken.length === 0 && decoded.scope.trim() === "") {
                 // If scope is an empty string, treat as no scopes rather than erroring, or use a default.
                 // Depending on strictness, could also error here. For now, allow empty array if scope was empty string.
                 logger.debug("JWT 'scope' claim was an empty string, resulting in empty scopes array.", context);
@@ -116,15 +132,23 @@ export function mcpAuthMiddleware(req, res, next) {
             scopes: scopesFromToken,
         };
         // Log separately if other JWT claims like 'sub' (sessionId) are needed for app logic
-        const subClaimForLogging = typeof decoded.sub === 'string' ? decoded.sub : undefined;
-        logger.debug("JWT verified successfully. AuthInfo attached to request.", { ...context, mcpSessionIdContext: subClaimForLogging, clientId: req.auth.clientId, scopes: req.auth.scopes });
+        const subClaimForLogging = typeof decoded.sub === "string" ? decoded.sub : undefined;
+        logger.debug("JWT verified successfully. AuthInfo attached to request.", {
+            ...context,
+            mcpSessionIdContext: subClaimForLogging,
+            clientId: req.auth.clientId,
+            scopes: req.auth.scopes,
+        });
         next();
     }
     catch (error) {
         let errorMessage = "Invalid token";
         if (error instanceof jwt.TokenExpiredError) {
             errorMessage = "Token expired";
-            logger.warning("Authentication failed: Token expired.", { ...context, expiredAt: error.expiredAt });
+            logger.warning("Authentication failed: Token expired.", {
+                ...context,
+                expiredAt: error.expiredAt,
+            });
         }
         else if (error instanceof jwt.JsonWebTokenError) {
             errorMessage = `Invalid token: ${error.message}`;

package/dist/mcp-server/transports/httpTransport.d.ts

@@ -8,7 +8,7 @@
  *
  * Specification Reference:
  * https://github.com/modelcontextprotocol/modelcontextprotocol/blob/main/docs/specification/2025-03-26/basic/transports.mdx#streamable-http
- * @module mcp-server/transports/httpTransport
+ * @module src/mcp-server/transports/httpTransport
  */
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { RequestContext } from "../../utils/index.js";

package/dist/mcp-server/transports/httpTransport.js

@@ -8,7 +8,7 @@
  *
  * Specification Reference:
  * https://github.com/modelcontextprotocol/modelcontextprotocol/blob/main/docs/specification/2025-03-26/basic/transports.mdx#streamable-http
- * @module mcp-server/transports/httpTransport
+ * @module src/mcp-server/transports/httpTransport
  */
 import { StreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/streamableHttp.js";
 import { isInitializeRequest } from "@modelcontextprotocol/sdk/types.js";

package/dist/mcp-server/transports/stdioTransport.d.ts

@@ -15,7 +15,7 @@
  * controlling the server process. This implementation follows that guideline.
  *
  * @see {@link https://github.com/modelcontextprotocol/modelcontextprotocol/blob/main/docs/specification/2025-03-26/basic/authorization.mdx | MCP Authorization Specification}
- * @module mcp-server/transports/stdioTransport
+ * @module src/mcp-server/transports/stdioTransport
  */
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { RequestContext } from "../../utils/index.js";

package/dist/mcp-server/transports/stdioTransport.js

@@ -15,7 +15,7 @@
  * controlling the server process. This implementation follows that guideline.
  *
  * @see {@link https://github.com/modelcontextprotocol/modelcontextprotocol/blob/main/docs/specification/2025-03-26/basic/authorization.mdx | MCP Authorization Specification}
- * @module mcp-server/transports/stdioTransport
+ * @module src/mcp-server/transports/stdioTransport
  */
 import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
 import { ErrorHandler, logger } from "../../utils/index.js";

package/dist/services/openRouterProvider.js

@@ -3,7 +3,7 @@
  * OpenRouter API, using the OpenAI SDK for chat completions. It handles API key
  * configuration, default parameters, rate limiting, model-specific parameter adjustments,
  * and error handling.
- * @module services/openRouterProvider
+ * @module src/services/openRouterProvider
  */
 import OpenAI from "openai";
 import { config } from "../config/index.js";

package/dist/types-global/errors.d.ts

@@ -3,7 +3,7 @@
  * for handling errors within the Model Context Protocol (MCP) server and its components.
  * This module provides a structured way to represent and communicate errors, ensuring
  * consistency and clarity for both server-side operations and client-side error handling.
- * @module types-global/errors
+ * @module src/types-global/errors
  */
 import { z } from "zod";
 /**

package/dist/types-global/errors.js

@@ -3,7 +3,7 @@
  * for handling errors within the Model Context Protocol (MCP) server and its components.
  * This module provides a structured way to represent and communicate errors, ensuring
  * consistency and clarity for both server-side operations and client-side error handling.
- * @module types-global/errors
+ * @module src/types-global/errors
  */
 import { z } from "zod";
 /**

package/dist/utils/index.d.ts

@@ -2,9 +2,9 @@
  * @fileoverview Barrel file for the utils module.
  * This file re-exports all utilities from their categorized subdirectories,
  * providing a single entry point for accessing utility functions.
- * @module utils
+ * @module src/utils
  */
 export * from "./internal/index.js";
+export * from "./metrics/index.js";
 export * from "./parsing/index.js";
 export * from "./security/index.js";
-export * from "./metrics/index.js";

package/dist/utils/index.js

@@ -2,13 +2,13 @@
  * @fileoverview Barrel file for the utils module.
  * This file re-exports all utilities from their categorized subdirectories,
  * providing a single entry point for accessing utility functions.
- * @module utils
+ * @module src/utils
  */
 // Re-export all utilities from their categorized subdirectories
 export * from "./internal/index.js";
+export * from "./metrics/index.js";
 export * from "./parsing/index.js";
 export * from "./security/index.js";
-export * from "./metrics/index.js";
 // It's good practice to have index.ts files in each subdirectory
 // that export the contents of that directory.
 // Assuming those will be created or already exist.

package/dist/utils/internal/errorHandler.d.ts

@@ -3,7 +3,7 @@
  * It defines structures for error context, options for handling errors,
  * and mappings for classifying errors. The main `ErrorHandler` class
  * offers static methods for consistent error processing, logging, and transformation.
- * @module utils/internal/errorHandler
+ * @module src/utils/internal/errorHandler
  */
 import { BaseErrorCode } from "../../types-global/errors.js";
 /**

package/dist/utils/internal/errorHandler.js

@@ -3,7 +3,7 @@
  * It defines structures for error context, options for handling errors,
  * and mappings for classifying errors. The main `ErrorHandler` class
  * offers static methods for consistent error processing, logging, and transformation.
- * @module utils/internal/errorHandler
+ * @module src/utils/internal/errorHandler
  */
 import { BaseErrorCode, McpError } from "../../types-global/errors.js";
 import { generateUUID, sanitizeInputForLogging } from "../index.js";

package/dist/utils/internal/index.d.ts

@@ -2,7 +2,7 @@
  * @fileoverview Barrel file for internal utility modules.
  * This file re-exports core internal utilities related to error handling,
  * logging, and request context management.
- * @module utils/internal
+ * @module src/utils/internal
  */
 export * from "./errorHandler.js";
 export * from "./logger.js";

package/dist/utils/internal/index.js

@@ -2,7 +2,7 @@
  * @fileoverview Barrel file for internal utility modules.
  * This file re-exports core internal utilities related to error handling,
  * logging, and request context management.
- * @module utils/internal
+ * @module src/utils/internal
  */
 export * from "./errorHandler.js";
 export * from "./logger.js";

package/dist/utils/internal/logger.js

@@ -2,7 +2,7 @@
  * @fileoverview Provides a singleton Logger class that wraps Winston for file logging
  * and supports sending MCP (Model Context Protocol) `notifications/message`.
  * It handles different log levels compliant with RFC 5424 and MCP specifications.
- * @module utils/internal/logger
+ * @module src/utils/internal/logger
  */
 import fs from "fs";
 import path from "path";
@@ -40,7 +40,8 @@ const projectRoot = process.cwd(); // Use current working directory as project r
 const logsDir = path.join(projectRoot, "logs");
 // Security check for the logs directory path
 const resolvedLogsDir = path.resolve(logsDir); // Should be projectRoot/logs
-const isLogsDirSafe = resolvedLogsDir.startsWith(projectRoot + path.sep) && resolvedLogsDir !== projectRoot;
+const isLogsDirSafe = resolvedLogsDir.startsWith(projectRoot + path.sep) &&
+    resolvedLogsDir !== projectRoot;
 if (!isLogsDirSafe) {
     // This case should ideally not be hit if logsDir is simply projectRoot + /logs
     // But it's a safeguard if path.join or path.resolve behaves unexpectedly or logsDir is manipulated.

package/dist/utils/internal/requestContext.d.ts

@@ -3,7 +3,7 @@
  * A request context is an object carrying a unique ID, timestamp, and other
  * relevant data for logging, tracing, and processing. It also defines
  * configuration and operational context structures.
- * @module utils/internal/requestContext
+ * @module src/utils/internal/requestContext
  */
 /**
  * Defines the core structure for context information associated with a request or operation.

package/dist/utils/internal/requestContext.js

@@ -3,10 +3,10 @@
  * A request context is an object carrying a unique ID, timestamp, and other
  * relevant data for logging, tracing, and processing. It also defines
  * configuration and operational context structures.
- * @module utils/internal/requestContext
+ * @module src/utils/internal/requestContext
  */
-import { logger } from "./logger.js";
 import { generateUUID } from "../index.js";
+import { logger } from "./logger.js";
 /**
  * Singleton-like service object for managing request context operations.
  * @private

package/dist/utils/metrics/index.d.ts

@@ -2,6 +2,6 @@
  * @fileoverview Barrel file for metrics-related utility modules.
  * This file re-exports utilities for collecting and processing metrics,
  * such as token counting.
- * @module utils/metrics
+ * @module src/utils/metrics
  */
 export * from "./tokenCounter.js";

package/dist/utils/metrics/index.js

@@ -2,6 +2,6 @@
  * @fileoverview Barrel file for metrics-related utility modules.
  * This file re-exports utilities for collecting and processing metrics,
  * such as token counting.
- * @module utils/metrics
+ * @module src/utils/metrics
  */
 export * from "./tokenCounter.js";

package/dist/utils/metrics/tokenCounter.d.ts

@@ -3,7 +3,7 @@
  * using the `tiktoken` library, specifically configured for 'gpt-4o' tokenization.
  * These functions are essential for managing token limits and estimating costs
  * when interacting with language models.
- * @module utils/metrics/tokenCounter
+ * @module src/utils/metrics/tokenCounter
  */
 import { ChatCompletionMessageParam } from "openai/resources/chat/completions";
 import { RequestContext } from "../index.js";

package/dist/utils/parsing/dateParser.d.ts

@@ -1,7 +1,7 @@
 /**
  * @fileoverview Provides utility functions for parsing natural language date strings
  * into Date objects or detailed parsing results using the `chrono-node` library.
- * @module utils/parsing/dateParser
+ * @module src/utils/parsing/dateParser
  */
 import * as chrono from "chrono-node";
 import { RequestContext } from "../index.js";

package/dist/utils/parsing/dateParser.js

@@ -1,7 +1,7 @@
 /**
  * @fileoverview Provides utility functions for parsing natural language date strings
  * into Date objects or detailed parsing results using the `chrono-node` library.
- * @module utils/parsing/dateParser
+ * @module src/utils/parsing/dateParser
  */
 import * as chrono from "chrono-node";
 import { BaseErrorCode } from "../../types-global/errors.js";

package/dist/utils/parsing/index.d.ts

@@ -2,7 +2,7 @@
  * @fileoverview Barrel file for parsing utility modules.
  * This file re-exports utilities related to parsing various data formats,
  * such as JSON and dates.
- * @module utils/parsing
+ * @module src/utils/parsing
  */
-export * from "./jsonParser.js";
 export * from "./dateParser.js";
+export * from "./jsonParser.js";

package/dist/utils/parsing/index.js

@@ -2,7 +2,7 @@
  * @fileoverview Barrel file for parsing utility modules.
  * This file re-exports utilities related to parsing various data formats,
  * such as JSON and dates.
- * @module utils/parsing
+ * @module src/utils/parsing
  */
-export * from "./jsonParser.js";
 export * from "./dateParser.js";
+export * from "./jsonParser.js";

package/dist/utils/parsing/jsonParser.js

@@ -2,7 +2,7 @@
  * @fileoverview Provides a utility class for parsing potentially partial JSON strings.
  * It wraps the 'partial-json' npm library and includes functionality to handle
  * optional <think>...</think> blocks often found at the beginning of LLM outputs.
- * @module utils/parsing/jsonParser
+ * @module src/utils/parsing/jsonParser
  */
 import { parse as parsePartialJson, Allow as PartialJsonAllow, } from "partial-json";
 import { BaseErrorCode, McpError } from "../../types-global/errors.js";
@@ -61,9 +61,15 @@ export class JsonParser {
         if (match) {
             const thinkContent = match[1].trim();
             const restOfString = match[2];
-            const logContext = context || requestContextService.createRequestContext({ operation: "JsonParser.thinkBlock" });
+            const logContext = context ||
+                requestContextService.createRequestContext({
+                    operation: "JsonParser.thinkBlock",
+                });
             if (thinkContent) {
-                logger.debug("LLM <think> block detected and logged.", { ...logContext, thinkContent });
+                logger.debug("LLM <think> block detected and logged.", {
+                    ...logContext,
+                    thinkContent,
+                });
             }
             else {
                 logger.debug("Empty LLM <think> block detected.", logContext);
@@ -78,7 +84,10 @@ export class JsonParser {
             return parsePartialJson(stringToParse, allowPartial);
         }
         catch (error) {
-            const errorLogContext = context || requestContextService.createRequestContext({ operation: "JsonParser.parseError" });
+            const errorLogContext = context ||
+                requestContextService.createRequestContext({
+                    operation: "JsonParser.parseError",
+                });
             logger.error("Failed to parse JSON content.", {
                 ...errorLogContext,
                 errorDetails: error.message,

package/dist/utils/security/idGenerator.js

@@ -7,9 +7,9 @@
  * with the `requestContextService`, which itself uses `generateUUID` from this module.
  * This was causing `ReferenceError: Cannot access 'generateUUID' before initialization`
  * during application startup.
- * @module utils/security/idGenerator
+ * @module src/utils/security/idGenerator
  */
-import { randomBytes, randomUUID as cryptoRandomUUID } from "crypto";
+import { randomUUID as cryptoRandomUUID, randomBytes } from "crypto";
 import { BaseErrorCode, McpError } from "../../types-global/errors.js";
 /**
  * A generic ID Generator class for creating and managing unique, prefixed identifiers.
@@ -77,7 +77,9 @@ export class IdGenerator {
         // Logging removed.
         const { length = IdGenerator.DEFAULT_LENGTH, separator = IdGenerator.DEFAULT_SEPARATOR, charset = IdGenerator.DEFAULT_CHARSET, } = options;
         const randomPart = this.generateRandomString(length, charset);
-        const generatedId = prefix ? `${prefix}${separator}${randomPart}` : randomPart;
+        const generatedId = prefix
+            ? `${prefix}${separator}${randomPart}`
+            : randomPart;
         return generatedId;
     }
     /**

package/dist/utils/security/index.d.ts

@@ -2,8 +2,8 @@
  * @fileoverview Barrel file for security-related utility modules.
  * This file re-exports utilities for input sanitization, rate limiting,
  * and ID generation.
- * @module utils/security
+ * @module src/utils/security
  */
-export * from "./sanitization.js";
-export * from "./rateLimiter.js";
 export * from "./idGenerator.js";
+export * from "./rateLimiter.js";
+export * from "./sanitization.js";

package/dist/utils/security/index.js

@@ -2,8 +2,8 @@
  * @fileoverview Barrel file for security-related utility modules.
  * This file re-exports utilities for input sanitization, rate limiting,
  * and ID generation.
- * @module utils/security
+ * @module src/utils/security
  */
-export * from "./sanitization.js";
-export * from "./rateLimiter.js";
 export * from "./idGenerator.js";
+export * from "./rateLimiter.js";
+export * from "./sanitization.js";

package/dist/utils/security/rateLimiter.js

@@ -1,7 +1,7 @@
 /**
  * @fileoverview Provides a generic `RateLimiter` class for implementing rate limiting logic.
  * It supports configurable time windows, request limits, and automatic cleanup of expired entries.
- * @module utils/security/rateLimiter
+ * @module src/utils/security/rateLimiter
  */
 import { environment } from "../../config/index.js";
 import { BaseErrorCode, McpError } from "../../types-global/errors.js";

package/dist/utils/security/sanitization.js

@@ -2,7 +2,7 @@
  * @fileoverview Provides a comprehensive `Sanitization` class for various input cleaning and validation tasks.
  * This module includes utilities for sanitizing HTML, strings, URLs, file paths, JSON, numbers,
  * and for redacting sensitive information from data intended for logging.
- * @module utils/security/sanitization
+ * @module src/utils/security/sanitization
  */
 import path from "path";
 import sanitizeHtml from "sanitize-html";
@@ -22,8 +22,19 @@ export class Sanitization {
          * @private
          */
         this.sensitiveFields = [
-            "password", "token", "secret", "key", "apiKey", "auth",
-            "credential", "jwt", "ssn", "credit", "card", "cvv", "authorization",
+            "password",
+            "token",
+            "secret",
+            "key",
+            "apiKey",
+            "auth",
+            "credential",
+            "jwt",
+            "ssn",
+            "credit",
+            "card",
+            "cvv",
+            "authorization",
         ];
         /**
          * Default configuration for HTML sanitization.
@@ -31,9 +42,33 @@ export class Sanitization {
          */
         this.defaultHtmlSanitizeConfig = {
             allowedTags: [
-                "h1", "h2", "h3", "h4", "h5", "h6", "p", "a", "ul", "ol", "li",
-                "b", "i", "strong", "em", "strike", "code", "hr", "br", "div",
-                "table", "thead", "tbody", "tr", "th", "td", "pre",
+                "h1",
+                "h2",
+                "h3",
+                "h4",
+                "h5",
+                "h6",
+                "p",
+                "a",
+                "ul",
+                "ol",
+                "li",
+                "b",
+                "i",
+                "strong",
+                "em",
+                "strike",
+                "code",
+                "hr",
+                "br",
+                "div",
+                "table",
+                "thead",
+                "tbody",
+                "tr",
+                "th",
+                "td",
+                "pre",
             ],
             allowedAttributes: {
                 a: ["href", "name", "target"],
@@ -120,13 +155,23 @@ export class Sanitization {
             case "attribute":
                 return sanitizeHtml(input, { allowedTags: [], allowedAttributes: {} });
             case "url":
-                if (!validator.isURL(input, { protocols: ["http", "https"], require_protocol: true, require_host: true })) {
-                    logger.warning("Potentially invalid URL detected during string sanitization (context: url)", requestContextService.createRequestContext({ operation: "Sanitization.sanitizeString.urlWarning", invalidUrlAttempt: input }));
+                if (!validator.isURL(input, {
+                    protocols: ["http", "https"],
+                    require_protocol: true,
+                    require_host: true,
+                })) {
+                    logger.warning("Potentially invalid URL detected during string sanitization (context: url)", requestContextService.createRequestContext({
+                        operation: "Sanitization.sanitizeString.urlWarning",
+                        invalidUrlAttempt: input,
+                    }));
                     return "";
                 }
                 return validator.trim(input);
             case "javascript":
-                logger.error("Attempted JavaScript sanitization via sanitizeString, which is disallowed.", requestContextService.createRequestContext({ operation: "Sanitization.sanitizeString.jsAttempt", inputSnippet: input.substring(0, 50) }));
+                logger.error("Attempted JavaScript sanitization via sanitizeString, which is disallowed.", requestContextService.createRequestContext({
+                    operation: "Sanitization.sanitizeString.jsAttempt",
+                    inputSnippet: input.substring(0, 50),
+                }));
                 throw new McpError(BaseErrorCode.VALIDATION_ERROR, "JavaScript sanitization is not supported through sanitizeString due to security risks.");
             case "text":
             default:
@@ -152,7 +197,11 @@ export class Sanitization {
     sanitizeUrl(input, allowedProtocols = ["http", "https"]) {
         try {
             const trimmedInput = input.trim();
-            if (!validator.isURL(trimmedInput, { protocols: allowedProtocols, require_protocol: true, require_host: true })) {
+            if (!validator.isURL(trimmedInput, {
+                protocols: allowedProtocols,
+                require_protocol: true,
+                require_host: true,
+            })) {
                 throw new Error("Invalid URL format or protocol not in allowed list.");
             }
             if (trimmedInput.toLowerCase().startsWith("javascript:")) {
@@ -161,7 +210,9 @@ export class Sanitization {
             return trimmedInput;
         }
         catch (error) {
-            throw new McpError(BaseErrorCode.VALIDATION_ERROR, error instanceof Error ? error.message : "Invalid or unsafe URL provided.", { input });
+            throw new McpError(BaseErrorCode.VALIDATION_ERROR, error instanceof Error
+                ? error.message
+                : "Invalid or unsafe URL provided.", { input });
         }
     }
     /**
@@ -193,12 +244,15 @@ export class Sanitization {
             let finalSanitizedPath;
             if (effectiveOptions.rootDir) {
                 const fullPath = path.resolve(effectiveOptions.rootDir, normalized);
-                if (!fullPath.startsWith(effectiveOptions.rootDir + path.sep) && fullPath !== effectiveOptions.rootDir) {
+                if (!fullPath.startsWith(effectiveOptions.rootDir + path.sep) &&
+                    fullPath !== effectiveOptions.rootDir) {
                     throw new Error("Path traversal detected: attempts to escape the defined root directory.");
                 }
                 finalSanitizedPath = path.relative(effectiveOptions.rootDir, fullPath);
-                finalSanitizedPath = finalSanitizedPath === "" ? "." : finalSanitizedPath;
-                if (path.isAbsolute(finalSanitizedPath) && !effectiveOptions.allowAbsolute) {
+                finalSanitizedPath =
+                    finalSanitizedPath === "" ? "." : finalSanitizedPath;
+                if (path.isAbsolute(finalSanitizedPath) &&
+                    !effectiveOptions.allowAbsolute) {
                     throw new Error("Path resolved to absolute outside root when absolute paths are disallowed.");
                 }
             }
@@ -215,7 +269,8 @@ export class Sanitization {
                 else {
                     const resolvedAgainstCwd = path.resolve(normalized);
                     const currentWorkingDir = path.resolve(".");
-                    if (!resolvedAgainstCwd.startsWith(currentWorkingDir + path.sep) && resolvedAgainstCwd !== currentWorkingDir) {
+                    if (!resolvedAgainstCwd.startsWith(currentWorkingDir + path.sep) &&
+                        resolvedAgainstCwd !== currentWorkingDir) {
                         throw new Error("Relative path traversal detected (escapes current working directory context).");
                     }
                     finalSanitizedPath = normalized;
@@ -225,7 +280,9 @@ export class Sanitization {
                 sanitizedPath: finalSanitizedPath,
                 originalInput,
                 wasAbsolute: wasAbsoluteInitially,
-                convertedToRelative: wasAbsoluteInitially && !path.isAbsolute(finalSanitizedPath) && !effectiveOptions.allowAbsolute,
+                convertedToRelative: wasAbsoluteInitially &&
+                    !path.isAbsolute(finalSanitizedPath) &&
+                    !effectiveOptions.allowAbsolute,
                 optionsUsed: effectiveOptions,
             };
         }
@@ -236,7 +293,9 @@ export class Sanitization {
                 pathOptionsUsed: effectiveOptions,
                 errorMessage: error instanceof Error ? error.message : String(error),
             }));
-            throw new McpError(BaseErrorCode.VALIDATION_ERROR, error instanceof Error ? error.message : "Invalid or unsafe path provided.", { input: originalInput });
+            throw new McpError(BaseErrorCode.VALIDATION_ERROR, error instanceof Error
+                ? error.message
+                : "Invalid or unsafe path provided.", { input: originalInput });
         }
     }
     /**
@@ -260,7 +319,9 @@ export class Sanitization {
         catch (error) {
             if (error instanceof McpError)
                 throw error;
-            throw new McpError(BaseErrorCode.VALIDATION_ERROR, error instanceof Error ? error.message : "Invalid JSON format.", { inputPreview: input.length > 100 ? `${input.substring(0, 100)}...` : input });
+            throw new McpError(BaseErrorCode.VALIDATION_ERROR, error instanceof Error ? error.message : "Invalid JSON format.", {
+                inputPreview: input.length > 100 ? `${input.substring(0, 100)}...` : input,
+            });
         }
     }
     /**
@@ -324,7 +385,9 @@ export class Sanitization {
         try {
             if (!input || typeof input !== "object")
                 return input;
-            const clonedInput = typeof structuredClone === "function" ? structuredClone(input) : JSON.parse(JSON.stringify(input));
+            const clonedInput = typeof structuredClone === "function"
+                ? structuredClone(input)
+                : JSON.parse(JSON.stringify(input));
             this.redactSensitiveFields(clonedInput);
             return clonedInput;
         }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mcp-ts-template",
-  "version": "1.2.2",
+  "version": "1.2.3",
   "description": "TypeScript template for building Model Context Protocol (MCP) servers & clients. Features production-ready utilities, stdio/HTTP transports (with JWT auth), examples, and type safety. Ideal starting point for creating MCP-based applications.",
   "main": "dist/index.js",
   "files": [