npm - mcpmake - Versions diffs - 0.1.1 → 0.2.0 - Mend

mcpmake 0.1.1 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (385) hide show

package/dist/commands/bundle.d.ts +1 -0
package/dist/commands/bundle.d.ts.map +1 -0
package/dist/commands/bundle.js +5 -4
package/dist/commands/bundle.js.map +1 -0
package/dist/commands/ci.d.ts +1 -0
package/dist/commands/ci.d.ts.map +1 -0
package/dist/commands/ci.js +3 -2
package/dist/commands/ci.js.map +1 -0
package/dist/commands/deploy.d.ts +1 -0
package/dist/commands/deploy.d.ts.map +1 -0
package/dist/commands/deploy.js +4 -3
package/dist/commands/deploy.js.map +1 -0
package/dist/commands/diff.d.ts +1 -0
package/dist/commands/diff.d.ts.map +1 -0
package/dist/commands/diff.js +5 -4
package/dist/commands/diff.js.map +1 -0
package/dist/commands/from/describe.d.ts +1 -0
package/dist/commands/from/describe.d.ts.map +1 -0
package/dist/commands/from/describe.js +11 -10
package/dist/commands/from/describe.js.map +1 -0
package/dist/commands/from/har.d.ts +1 -0
package/dist/commands/from/har.d.ts.map +1 -0
package/dist/commands/from/har.js +14 -13
package/dist/commands/from/har.js.map +1 -0
package/dist/commands/from/openapi.d.ts +1 -0
package/dist/commands/from/openapi.d.ts.map +1 -0
package/dist/commands/from/openapi.js +17 -16
package/dist/commands/from/openapi.js.map +1 -0
package/dist/commands/from/postman.d.ts +1 -0
package/dist/commands/from/postman.d.ts.map +1 -0
package/dist/commands/from/postman.js +13 -12
package/dist/commands/from/postman.js.map +1 -0
package/dist/commands/from/stainless.d.ts +110 -0
package/dist/commands/from/stainless.d.ts.map +1 -0
package/dist/commands/from/stainless.js +272 -0
package/dist/commands/from/stainless.js.map +1 -0
package/dist/commands/from/target-support.d.ts +1 -0
package/dist/commands/from/target-support.d.ts.map +1 -0
package/dist/commands/from/target-support.js +2 -1
package/dist/commands/from/target-support.js.map +1 -0
package/dist/commands/from/url.d.ts +1 -0
package/dist/commands/from/url.d.ts.map +1 -0
package/dist/commands/from/url.js +14 -13
package/dist/commands/from/url.js.map +1 -0
package/dist/commands/from/website.d.ts +1 -0
package/dist/commands/from/website.d.ts.map +1 -0
package/dist/commands/from/website.js +17 -16
package/dist/commands/from/website.js.map +1 -0
package/dist/commands/lint.d.ts +1 -0
package/dist/commands/lint.d.ts.map +1 -0
package/dist/commands/lint.js +6 -5
package/dist/commands/lint.js.map +1 -0
package/dist/commands/merge.d.ts +1 -0
package/dist/commands/merge.d.ts.map +1 -0
package/dist/commands/merge.js +3 -2
package/dist/commands/merge.js.map +1 -0
package/dist/commands/publish.d.ts +1 -0
package/dist/commands/publish.d.ts.map +1 -0
package/dist/commands/publish.js +4 -3
package/dist/commands/publish.js.map +1 -0
package/dist/commands/rescan.d.ts +1 -0
package/dist/commands/rescan.d.ts.map +1 -0
package/dist/commands/rescan.js +12 -11
package/dist/commands/rescan.js.map +1 -0
package/dist/commands/update.d.ts +1 -0
package/dist/commands/update.d.ts.map +1 -0
package/dist/commands/update.js +10 -9
package/dist/commands/update.js.map +1 -0
package/dist/commands/verify.d.ts +1 -0
package/dist/commands/verify.d.ts.map +1 -0
package/dist/commands/verify.js +7 -6
package/dist/commands/verify.js.map +1 -0
package/dist/index.d.ts +1 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +23 -2
package/dist/index.js.map +1 -0
package/dist/registry/official-registry.d.ts +1 -0
package/dist/registry/official-registry.d.ts.map +1 -0
package/dist/registry/official-registry.js +1 -0
package/dist/registry/official-registry.js.map +1 -0
package/package.json +20 -46
package/README.md +0 -691
package/dist/analyzer/auth-detector.d.ts +0 -12
package/dist/analyzer/auth-detector.js +0 -142
package/dist/analyzer/dom-parser.d.ts +0 -10
package/dist/analyzer/dom-parser.js +0 -259
package/dist/analyzer/goal-crawler.d.ts +0 -25
package/dist/analyzer/goal-crawler.js +0 -177
package/dist/analyzer/hybrid-detector.d.ts +0 -28
package/dist/analyzer/hybrid-detector.js +0 -96
package/dist/analyzer/index.d.ts +0 -12
package/dist/analyzer/index.js +0 -8
package/dist/analyzer/screenshot-capture.d.ts +0 -29
package/dist/analyzer/screenshot-capture.js +0 -42
package/dist/analyzer/selector-builder.d.ts +0 -19
package/dist/analyzer/selector-builder.js +0 -199
package/dist/analyzer/semantic-analyzer.d.ts +0 -13
package/dist/analyzer/semantic-analyzer.js +0 -145
package/dist/analyzer/site-crawler.d.ts +0 -38
package/dist/analyzer/site-crawler.js +0 -235
package/dist/cloud/billing/billing-engine.d.ts +0 -44
package/dist/cloud/billing/billing-engine.js +0 -81
package/dist/cloud/billing/credit-store.d.ts +0 -64
package/dist/cloud/billing/credit-store.js +0 -168
package/dist/cloud/billing/index.d.ts +0 -4
package/dist/cloud/billing/index.js +0 -2
package/dist/cloud/billing/usage-store.d.ts +0 -42
package/dist/cloud/billing/usage-store.js +0 -85
package/dist/cloud/billing/usage-tracker.d.ts +0 -38
package/dist/cloud/billing/usage-tracker.js +0 -95
package/dist/cloud/build-pipeline.d.ts +0 -39
package/dist/cloud/build-pipeline.js +0 -310
package/dist/cloud/build-queue.d.ts +0 -30
package/dist/cloud/build-queue.js +0 -70
package/dist/cloud/caddy-manager.d.ts +0 -18
package/dist/cloud/caddy-manager.js +0 -97
package/dist/cloud/container-backend.d.ts +0 -62
package/dist/cloud/container-backend.js +0 -59
package/dist/cloud/container-manager.d.ts +0 -64
package/dist/cloud/container-manager.js +0 -301
package/dist/cloud/crypto.d.ts +0 -27
package/dist/cloud/crypto.js +0 -63
package/dist/cloud/db/index.d.ts +0 -27
package/dist/cloud/db/index.js +0 -53
package/dist/cloud/db/migrations.d.ts +0 -12
package/dist/cloud/db/migrations.js +0 -329
package/dist/cloud/db/pg-store.d.ts +0 -45
package/dist/cloud/db/pg-store.js +0 -336
package/dist/cloud/failure-tracker.d.ts +0 -51
package/dist/cloud/failure-tracker.js +0 -102
package/dist/cloud/idle-monitor.d.ts +0 -30
package/dist/cloud/idle-monitor.js +0 -70
package/dist/cloud/mailer.d.ts +0 -21
package/dist/cloud/mailer.js +0 -193
package/dist/cloud/mcp-proxy.d.ts +0 -58
package/dist/cloud/mcp-proxy.js +0 -203
package/dist/cloud/metric-samples.d.ts +0 -43
package/dist/cloud/metric-samples.js +0 -85
package/dist/cloud/metrics.d.ts +0 -26
package/dist/cloud/metrics.js +0 -59
package/dist/cloud/multipart.d.ts +0 -26
package/dist/cloud/multipart.js +0 -132
package/dist/cloud/observability.d.ts +0 -27
package/dist/cloud/observability.js +0 -98
package/dist/cloud/rate-limiter.d.ts +0 -31
package/dist/cloud/rate-limiter.js +0 -58
package/dist/cloud/request-security.d.ts +0 -5
package/dist/cloud/request-security.js +0 -74
package/dist/cloud/resource-monitor.d.ts +0 -69
package/dist/cloud/resource-monitor.js +0 -130
package/dist/cloud/secret-store.d.ts +0 -38
package/dist/cloud/secret-store.js +0 -103
package/dist/cloud/security.d.ts +0 -26
package/dist/cloud/security.js +0 -142
package/dist/cloud/server.d.ts +0 -21
package/dist/cloud/server.js +0 -1079
package/dist/cloud/shared-state.d.ts +0 -72
package/dist/cloud/shared-state.js +0 -159
package/dist/cloud/ssrf.d.ts +0 -43
package/dist/cloud/ssrf.js +0 -150
package/dist/cloud/store.d.ts +0 -41
package/dist/cloud/store.js +0 -75
package/dist/cloud/stripe.d.ts +0 -78
package/dist/cloud/stripe.js +0 -317
package/dist/cloud/telemetry-store.d.ts +0 -53
package/dist/cloud/telemetry-store.js +0 -108
package/dist/cloud/web/auth.d.ts +0 -225
package/dist/cloud/web/auth.js +0 -555
package/dist/cloud/web/charts.d.ts +0 -70
package/dist/cloud/web/charts.js +0 -178
package/dist/cloud/web/csrf.d.ts +0 -14
package/dist/cloud/web/csrf.js +0 -22
package/dist/cloud/web/docs.d.ts +0 -40
package/dist/cloud/web/docs.js +0 -174
package/dist/cloud/web/router.d.ts +0 -25
package/dist/cloud/web/router.js +0 -1921
package/dist/cloud/web/static/alpine.min.js +0 -5
package/dist/cloud/web/static/favicon.svg +0 -4
package/dist/cloud/web/static/htmx-sse.js +0 -290
package/dist/cloud/web/static/htmx.min.js +0 -1
package/dist/cloud/web/static/style.css +0 -2683
package/dist/cloud/web/static-server.d.ts +0 -13
package/dist/cloud/web/static-server.js +0 -73
package/dist/cloud/web/template-engine.d.ts +0 -27
package/dist/cloud/web/template-engine.js +0 -146
package/dist/cloud/web/templates/layouts/admin.hbs +0 -57
package/dist/cloud/web/templates/layouts/auth.hbs +0 -138
package/dist/cloud/web/templates/layouts/base.hbs +0 -16
package/dist/cloud/web/templates/layouts/dashboard.hbs +0 -39
package/dist/cloud/web/templates/layouts/landing.hbs +0 -82
package/dist/cloud/web/templates/pages/admin/overview.hbs +0 -123
package/dist/cloud/web/templates/pages/admin/servers.hbs +0 -129
package/dist/cloud/web/templates/pages/admin/telemetry.hbs +0 -39
package/dist/cloud/web/templates/pages/admin/user-edit.hbs +0 -91
package/dist/cloud/web/templates/pages/admin/users.hbs +0 -179
package/dist/cloud/web/templates/pages/auth/forgot-password.hbs +0 -25
package/dist/cloud/web/templates/pages/auth/login.hbs +0 -33
package/dist/cloud/web/templates/pages/auth/register.hbs +0 -32
package/dist/cloud/web/templates/pages/auth/reset-password.hbs +0 -34
package/dist/cloud/web/templates/pages/dashboard/billing.hbs +0 -140
package/dist/cloud/web/templates/pages/dashboard/create.hbs +0 -173
package/dist/cloud/web/templates/pages/dashboard/index.hbs +0 -8
package/dist/cloud/web/templates/pages/dashboard/server-detail.hbs +0 -280
package/dist/cloud/web/templates/pages/dashboard/server-logs.hbs +0 -35
package/dist/cloud/web/templates/pages/dashboard/server-metrics.hbs +0 -63
package/dist/cloud/web/templates/pages/dashboard/servers-partial.hbs +0 -21
package/dist/cloud/web/templates/pages/dashboard/servers.hbs +0 -44
package/dist/cloud/web/templates/pages/docs/show.hbs +0 -16
package/dist/cloud/web/templates/pages/errors/404.hbs +0 -9
package/dist/cloud/web/templates/pages/errors/500.hbs +0 -8
package/dist/cloud/web/templates/pages/landing/index.hbs +0 -223
package/dist/cloud/web/templates/pages/legal/privacy.hbs +0 -71
package/dist/cloud/web/templates/pages/legal/terms.hbs +0 -73
package/dist/cloud/web/templates/partials/admin-stats.hbs +0 -52
package/dist/cloud/web/templates/partials/flash-message.hbs +0 -6
package/dist/cloud/web/templates/partials/pricing-table.hbs +0 -103
package/dist/cloud/web/templates/partials/server-card.hbs +0 -19
package/dist/cloud/web/templates/partials/status-badge.hbs +0 -1
package/dist/config/configurable-command.d.ts +0 -13
package/dist/config/configurable-command.js +0 -70
package/dist/config/mcpmake-config.d.ts +0 -68
package/dist/config/mcpmake-config.js +0 -207
package/dist/docs/cli.md +0 -400
package/dist/docs/mcp-2026-07-28-migration.md +0 -78
package/dist/docs/migrate-from-stainless.md +0 -94
package/dist/docs/quickstart.md +0 -166
package/dist/docs/show-hn.md +0 -26
package/dist/docs/website-servers.md +0 -169
package/dist/emitter/code-writer.d.ts +0 -8
package/dist/emitter/code-writer.js +0 -25
package/dist/emitter/index.d.ts +0 -32
package/dist/emitter/index.js +0 -280
package/dist/emitter/mcpb-bundler.d.ts +0 -31
package/dist/emitter/mcpb-bundler.js +0 -172
package/dist/emitter/project-scaffolder.d.ts +0 -4
package/dist/emitter/project-scaffolder.js +0 -89
package/dist/emitter/python-template-loader.d.ts +0 -4
package/dist/emitter/python-template-loader.js +0 -30
package/dist/emitter/python-templates/dockerfile.hbs +0 -14
package/dist/emitter/python-templates/env.example.hbs +0 -6
package/dist/emitter/python-templates/requirements.txt.hbs +0 -4
package/dist/emitter/python-templates/server.py.hbs +0 -77
package/dist/emitter/site-scaffolder.d.ts +0 -13
package/dist/emitter/site-scaffolder.js +0 -70
package/dist/emitter/site-template-loader.d.ts +0 -5
package/dist/emitter/site-template-loader.js +0 -47
package/dist/emitter/site-templates/browser-manager.ts.hbs +0 -233
package/dist/emitter/site-templates/config.ts.hbs +0 -28
package/dist/emitter/site-templates/dockerfile.hbs +0 -31
package/dist/emitter/site-templates/env.example.hbs +0 -19
package/dist/emitter/site-templates/package.json.hbs +0 -26
package/dist/emitter/site-templates/server-main-http.ts.hbs +0 -108
package/dist/emitter/site-templates/server-main.ts.hbs +0 -23
package/dist/emitter/site-templates/tool-handler-action.ts.hbs +0 -86
package/dist/emitter/site-templates/tool-handler-form.ts.hbs +0 -116
package/dist/emitter/site-templates/tool-handler-lifecycle.ts.hbs +0 -146
package/dist/emitter/site-templates/tool-index.ts.hbs +0 -11
package/dist/emitter/template-loader.d.ts +0 -1
package/dist/emitter/template-loader.js +0 -27
package/dist/emitter/templates/auth-provider.ts.hbs +0 -57
package/dist/emitter/templates/config.ts.hbs +0 -63
package/dist/emitter/templates/discovery.ts.hbs +0 -301
package/dist/emitter/templates/dockerfile.hbs +0 -34
package/dist/emitter/templates/env.example.hbs +0 -28
package/dist/emitter/templates/gitignore.hbs +0 -5
package/dist/emitter/templates/http-executor.ts.hbs +0 -117
package/dist/emitter/templates/oauth.ts.hbs +0 -188
package/dist/emitter/templates/package.json.hbs +0 -25
package/dist/emitter/templates/prompts.ts.hbs +0 -22
package/dist/emitter/templates/readme.md.hbs +0 -123
package/dist/emitter/templates/resources.ts.hbs +0 -63
package/dist/emitter/templates/server-main-http.ts.hbs +0 -407
package/dist/emitter/templates/server-main.ts.hbs +0 -40
package/dist/emitter/templates/task-handlers.ts.hbs +0 -189
package/dist/emitter/templates/task-manager.ts.hbs +0 -139
package/dist/emitter/templates/task-sse.ts.hbs +0 -105
package/dist/emitter/templates/tool-handler.ts.hbs +0 -124
package/dist/emitter/templates/tool-index.ts.hbs +0 -11
package/dist/emitter/templates/tool-test.ts.hbs +0 -57
package/dist/emitter/templates/trace.ts.hbs +0 -79
package/dist/emitter/templates/tsconfig.json.hbs +0 -16
package/dist/emitter/templates/types.ts.hbs +0 -5
package/dist/emitter/worker-template-loader.d.ts +0 -5
package/dist/emitter/worker-template-loader.js +0 -33
package/dist/emitter/worker-templates/config.ts.hbs +0 -54
package/dist/emitter/worker-templates/dev-vars.example.hbs +0 -10
package/dist/emitter/worker-templates/gitignore.hbs +0 -6
package/dist/emitter/worker-templates/package.json.hbs +0 -24
package/dist/emitter/worker-templates/readme.md.hbs +0 -53
package/dist/emitter/worker-templates/server.test.ts.hbs +0 -20
package/dist/emitter/worker-templates/tool-handler.ts.hbs +0 -85
package/dist/emitter/worker-templates/tool-index.ts.hbs +0 -28
package/dist/emitter/worker-templates/tsconfig.json.hbs +0 -17
package/dist/emitter/worker-templates/worker.ts.hbs +0 -242
package/dist/emitter/worker-templates/wrangler.toml.hbs +0 -19
package/dist/generator/spec-generator.d.ts +0 -6
package/dist/generator/spec-generator.js +0 -50
package/dist/parser/har-filter.d.ts +0 -8
package/dist/parser/har-filter.js +0 -71
package/dist/parser/har-loader.d.ts +0 -2
package/dist/parser/har-loader.js +0 -14
package/dist/parser/har-normalizer.d.ts +0 -20
package/dist/parser/har-normalizer.js +0 -78
package/dist/parser/index.d.ts +0 -10
package/dist/parser/index.js +0 -6
package/dist/parser/openapi-loader.d.ts +0 -6
package/dist/parser/openapi-loader.js +0 -308
package/dist/parser/operation-extractor.d.ts +0 -13
package/dist/parser/operation-extractor.js +0 -155
package/dist/parser/overlay-loader.d.ts +0 -10
package/dist/parser/overlay-loader.js +0 -184
package/dist/parser/postman-loader.d.ts +0 -9
package/dist/parser/postman-loader.js +0 -106
package/dist/parser/schema-converter.d.ts +0 -12
package/dist/parser/schema-converter.js +0 -117
package/dist/plugins/adapter.d.ts +0 -40
package/dist/plugins/adapter.js +0 -15
package/dist/plugins/loader.d.ts +0 -25
package/dist/plugins/loader.js +0 -58
package/dist/pricing.d.ts +0 -55
package/dist/pricing.js +0 -133
package/dist/providers/index.d.ts +0 -15
package/dist/providers/index.js +0 -56
package/dist/recorder/browser-recorder.d.ts +0 -22
package/dist/recorder/browser-recorder.js +0 -205
package/dist/rescan/diff-engine.d.ts +0 -5
package/dist/rescan/diff-engine.js +0 -312
package/dist/rescan/index.d.ts +0 -3
package/dist/rescan/index.js +0 -2
package/dist/rescan/rescan-runner.d.ts +0 -42
package/dist/rescan/rescan-runner.js +0 -69
package/dist/rescan/rescan-scheduler.d.ts +0 -41
package/dist/rescan/rescan-scheduler.js +0 -179
package/dist/site-transformer/browser-tools.d.ts +0 -10
package/dist/site-transformer/browser-tools.js +0 -59
package/dist/site-transformer/index.d.ts +0 -2
package/dist/site-transformer/index.js +0 -2
package/dist/site-transformer/selector-healer.d.ts +0 -8
package/dist/site-transformer/selector-healer.js +0 -106
package/dist/site-transformer/tool-generator.d.ts +0 -13
package/dist/site-transformer/tool-generator.js +0 -245
package/dist/transformer/auth-detector.d.ts +0 -13
package/dist/transformer/auth-detector.js +0 -90
package/dist/transformer/catalog-builder.d.ts +0 -18
package/dist/transformer/catalog-builder.js +0 -56
package/dist/transformer/client-compat.d.ts +0 -6
package/dist/transformer/client-compat.js +0 -44
package/dist/transformer/har-clusterer.d.ts +0 -9
package/dist/transformer/har-clusterer.js +0 -27
package/dist/transformer/har-dedup.d.ts +0 -10
package/dist/transformer/har-dedup.js +0 -81
package/dist/transformer/har-schema-inferrer.d.ts +0 -15
package/dist/transformer/har-schema-inferrer.js +0 -90
package/dist/transformer/har-to-operations.d.ts +0 -13
package/dist/transformer/har-to-operations.js +0 -192
package/dist/transformer/index.d.ts +0 -8
package/dist/transformer/index.js +0 -6
package/dist/transformer/llm-namer.d.ts +0 -6
package/dist/transformer/llm-namer.js +0 -59
package/dist/transformer/naming.d.ts +0 -4
package/dist/transformer/naming.js +0 -30
package/dist/transformer/operation-filter.d.ts +0 -13
package/dist/transformer/operation-filter.js +0 -52
package/dist/transformer/resource-builder.d.ts +0 -12
package/dist/transformer/resource-builder.js +0 -80
package/dist/transformer/schema-merger.d.ts +0 -14
package/dist/transformer/schema-merger.js +0 -65
package/dist/transformer/tool-builder.d.ts +0 -3
package/dist/transformer/tool-builder.js +0 -114
package/dist/types/index.d.ts +0 -131
package/dist/types/index.js +0 -1
package/dist/types/site.d.ts +0 -284
package/dist/types/site.js +0 -8
package/dist/utils/fail.d.ts +0 -48
package/dist/utils/fail.js +0 -204
package/dist/utils/fs.d.ts +0 -5
package/dist/utils/fs.js +0 -28
package/dist/utils/interactive.d.ts +0 -6
package/dist/utils/interactive.js +0 -30
package/dist/utils/logger.d.ts +0 -1
package/dist/utils/logger.js +0 -2
package/dist/utils/sanitize.d.ts +0 -28
package/dist/utils/sanitize.js +0 -44
package/dist/utils/watcher.d.ts +0 -11
package/dist/utils/watcher.js +0 -36

package/dist/cloud/secret-store.d.ts DELETED Viewed

@@ -1,38 +0,0 @@
-/**
- * High-level secret management for server credentials.
- *
- * Encrypts values with AES-256-GCM via the crypto module.
- * Uses in-memory storage by default; when a Pg Database is provided,
- * persists to the `server_secrets` table instead.
- */
-import type { Database } from './db/index.js';
-export declare class SecretStore {
-    private masterKey;
-    private db;
-    /** In-memory fallback: Map<slug, Map<name, encryptedValue>> */
-    private mem;
-    constructor(masterKey: string, db?: Database | null);
-    /** Attach a Pg database (can be called after construction). */
-    setDatabase(db: Database): void;
-    /**
-     * Store (or overwrite) a secret for a server slug.
-     */
-    storeSecret(slug: string, name: string, value: string): Promise<void>;
-    /**
-     * Retrieve and decrypt a single secret. Returns null if not found.
-     */
-    getSecret(slug: string, name: string): Promise<string | null>;
-    /**
-     * List secret names (not values) for a server.
-     */
-    listSecrets(slug: string): Promise<string[]>;
-    /**
-     * Delete a secret.
-     */
-    deleteSecret(slug: string, name: string): Promise<void>;
-    /**
-     * Get all secrets for a server as a plain env-var map (for container startup).
-     * Values are decrypted.
-     */
-    getSecretsAsEnv(slug: string): Promise<Record<string, string>>;
-}

package/dist/cloud/secret-store.js DELETED Viewed

@@ -1,103 +0,0 @@
-/**
- * High-level secret management for server credentials.
- *
- * Encrypts values with AES-256-GCM via the crypto module.
- * Uses in-memory storage by default; when a Pg Database is provided,
- * persists to the `server_secrets` table instead.
- */
-import { encrypt, decrypt } from './crypto.js';
-export class SecretStore {
-    masterKey;
-    db;
-    /** In-memory fallback: Map<slug, Map<name, encryptedValue>> */
-    mem = new Map();
-    constructor(masterKey, db) {
-        this.masterKey = masterKey;
-        this.db = db ?? null;
-    }
-    /** Attach a Pg database (can be called after construction). */
-    setDatabase(db) {
-        this.db = db;
-    }
-    /**
-     * Store (or overwrite) a secret for a server slug.
-     */
-    async storeSecret(slug, name, value) {
-        const encryptedValue = encrypt(value, this.masterKey);
-        if (this.db) {
-            await this.db.query(`INSERT INTO server_secrets (slug, name, encrypted_value, updated_at)
-         VALUES ($1, $2, $3, now())
-         ON CONFLICT (slug, name) DO UPDATE
-           SET encrypted_value = EXCLUDED.encrypted_value,
-               updated_at = now()`, [slug, name, encryptedValue]);
-        }
-        else {
-            let slugMap = this.mem.get(slug);
-            if (!slugMap) {
-                slugMap = new Map();
-                this.mem.set(slug, slugMap);
-            }
-            slugMap.set(name, encryptedValue);
-        }
-    }
-    /**
-     * Retrieve and decrypt a single secret. Returns null if not found.
-     */
-    async getSecret(slug, name) {
-        let encryptedValue;
-        if (this.db) {
-            const { rows } = await this.db.query('SELECT encrypted_value FROM server_secrets WHERE slug = $1 AND name = $2', [slug, name]);
-            encryptedValue = rows.length > 0 ? rows[0].encrypted_value : undefined;
-        }
-        else {
-            encryptedValue = this.mem.get(slug)?.get(name);
-        }
-        if (!encryptedValue)
-            return null;
-        return decrypt(encryptedValue, this.masterKey);
-    }
-    /**
-     * List secret names (not values) for a server.
-     */
-    async listSecrets(slug) {
-        if (this.db) {
-            const { rows } = await this.db.query('SELECT name FROM server_secrets WHERE slug = $1 ORDER BY name', [slug]);
-            return rows.map((r) => r.name);
-        }
-        const slugMap = this.mem.get(slug);
-        return slugMap ? [...slugMap.keys()].sort() : [];
-    }
-    /**
-     * Delete a secret.
-     */
-    async deleteSecret(slug, name) {
-        if (this.db) {
-            await this.db.query('DELETE FROM server_secrets WHERE slug = $1 AND name = $2', [slug, name]);
-        }
-        else {
-            this.mem.get(slug)?.delete(name);
-        }
-    }
-    /**
-     * Get all secrets for a server as a plain env-var map (for container startup).
-     * Values are decrypted.
-     */
-    async getSecretsAsEnv(slug) {
-        const result = {};
-        if (this.db) {
-            const { rows } = await this.db.query('SELECT name, encrypted_value FROM server_secrets WHERE slug = $1', [slug]);
-            for (const row of rows) {
-                result[row.name] = decrypt(row.encrypted_value, this.masterKey);
-            }
-        }
-        else {
-            const slugMap = this.mem.get(slug);
-            if (slugMap) {
-                for (const [name, encryptedValue] of slugMap) {
-                    result[name] = decrypt(encryptedValue, this.masterKey);
-                }
-            }
-        }
-        return result;
-    }
-}

package/dist/cloud/security.d.ts DELETED Viewed

@@ -1,26 +0,0 @@
-/**
- * Generate a bearer token for a hosted MCP server.
- * Format: mf_{64 hex chars} (32 random bytes).
- */
-export declare function generateBearerToken(): string;
-/**
- * Hash a bearer token for storage. Never store raw tokens.
- */
-export declare function hashToken(token: string): string;
-/**
- * Verify a bearer token against a stored SHA-256 hash.
- */
-export declare function verifyToken(token: string, hash: string): boolean;
-/**
- * Compute SHA-256 hash of a spec file for dedup / change detection.
- */
-export declare function hashSpec(content: Buffer): string;
-/**
- * Audit generated code in a project directory for dangerous patterns.
- * Scans .ts files, Dockerfile, and package.json.
- * Returns { safe: true } if no dangerous patterns are found.
- */
-export declare function auditGeneratedCode(dir: string): Promise<{
-    safe: boolean;
-    findings: string[];
-}>;

package/dist/cloud/security.js DELETED Viewed

@@ -1,142 +0,0 @@
-import { randomBytes, createHash } from 'node:crypto';
-import { readdir, readFile } from 'node:fs/promises';
-import { join } from 'node:path';
-const TOKEN_PREFIX = 'mf_';
-/**
- * Generate a bearer token for a hosted MCP server.
- * Format: mf_{64 hex chars} (32 random bytes).
- */
-export function generateBearerToken() {
-    return TOKEN_PREFIX + randomBytes(32).toString('hex');
-}
-/**
- * Hash a bearer token for storage. Never store raw tokens.
- */
-export function hashToken(token) {
-    return createHash('sha256').update(token).digest('hex');
-}
-/**
- * Verify a bearer token against a stored SHA-256 hash.
- */
-export function verifyToken(token, hash) {
-    const computed = hashToken(token);
-    // Constant-time comparison to prevent timing attacks
-    if (computed.length !== hash.length)
-        return false;
-    let diff = 0;
-    for (let i = 0; i < computed.length; i++) {
-        diff |= computed.charCodeAt(i) ^ hash.charCodeAt(i);
-    }
-    return diff === 0;
-}
-/**
- * Compute SHA-256 hash of a spec file for dedup / change detection.
- */
-export function hashSpec(content) {
-    return createHash('sha256').update(content).digest('hex');
-}
-/**
- * Dangerous patterns that must never appear in generated server code.
- * Each entry has a regex to test against file content and a human-readable label.
- */
-const DANGEROUS_PATTERNS = [
-    { pattern: /\bchild_process\b/, label: 'child_process module' },
-    { pattern: /\beval\s*\(/, label: 'eval()' },
-    { pattern: /\bnew\s+Function\s*\(/, label: 'new Function()' },
-    { pattern: /\brequire\s*\(\s*['"]child_process['"]/, label: "require('child_process')" },
-    { pattern: /\bexecSync\b/, label: 'execSync' },
-    { pattern: /\bspawnSync\b/, label: 'spawnSync' },
-    { pattern: /\bexecFileSync\b/, label: 'execFileSync' },
-    { pattern: /\bspawn\s*\(/, label: 'spawn()' },
-    { pattern: /\bexec\s*\(/, label: 'exec()' },
-    { pattern: /\bimport\s*\(\s*['"]/, label: 'dynamic import()' },
-];
-/** Files that legitimately use process.env — skip the process.env check for these. */
-const PROCESS_ENV_ALLOWLIST = new Set(['config.ts', 'index.ts']);
-/** Patterns checked only on tool handler files (not config/index). */
-const TOOL_ONLY_PATTERNS = [
-    { pattern: /\bprocess\.env\b/, label: 'process.env access (use config instead)' },
-    { pattern: /\bfs\s*\./, label: 'direct fs module usage' },
-];
-/** Patterns checked on Dockerfiles. */
-const DOCKERFILE_PATTERNS = [
-    { pattern: /RUN\s+curl\b/, label: 'curl in Dockerfile RUN' },
-    { pattern: /RUN\s+wget\b/, label: 'wget in Dockerfile RUN' },
-    { pattern: /ADD\s+https?:\/\//, label: 'ADD from remote URL in Dockerfile' },
-];
-/**
- * Audit generated code in a project directory for dangerous patterns.
- * Scans .ts files, Dockerfile, and package.json.
- * Returns { safe: true } if no dangerous patterns are found.
- */
-export async function auditGeneratedCode(dir) {
-    const findings = [];
-    const tsFiles = await collectTsFiles(dir);
-    for (const filePath of tsFiles) {
-        const content = await readFile(filePath, 'utf-8');
-        const relativePath = filePath.slice(dir.length + 1);
-        const fileName = filePath.split('/').pop() ?? '';
-        // Check universal dangerous patterns
-        for (const { pattern, label } of DANGEROUS_PATTERNS) {
-            if (pattern.test(content)) {
-                findings.push(`${relativePath}: contains ${label}`);
-            }
-        }
-        // Check tool-only patterns (skip config.ts and index.ts)
-        if (!PROCESS_ENV_ALLOWLIST.has(fileName)) {
-            for (const { pattern, label } of TOOL_ONLY_PATTERNS) {
-                if (pattern.test(content)) {
-                    findings.push(`${relativePath}: contains ${label}`);
-                }
-            }
-        }
-    }
-    // Audit Dockerfile if present
-    const dockerfilePath = join(dir, 'Dockerfile');
-    try {
-        const dockerfileContent = await readFile(dockerfilePath, 'utf-8');
-        for (const { pattern, label } of DOCKERFILE_PATTERNS) {
-            if (pattern.test(dockerfileContent)) {
-                findings.push(`Dockerfile: contains ${label}`);
-            }
-        }
-    }
-    catch {
-        // No Dockerfile — that's fine for stdio-only projects
-    }
-    // Audit package.json for suspicious scripts
-    const packageJsonPath = join(dir, 'package.json');
-    try {
-        const pkgContent = await readFile(packageJsonPath, 'utf-8');
-        const pkg = JSON.parse(pkgContent);
-        const allowedScripts = new Set(['build', 'start', 'dev', 'test']);
-        if (pkg.scripts) {
-            for (const key of Object.keys(pkg.scripts)) {
-                if (!allowedScripts.has(key)) {
-                    findings.push(`package.json: unexpected script "${key}"`);
-                }
-            }
-        }
-    }
-    catch {
-        // No package.json or invalid JSON
-    }
-    return { safe: findings.length === 0, findings };
-}
-/**
- * Recursively collect all .ts files in a directory.
- */
-async function collectTsFiles(dir) {
-    const result = [];
-    const entries = await readdir(dir, { withFileTypes: true });
-    for (const entry of entries) {
-        const fullPath = join(dir, entry.name);
-        if (entry.isDirectory() && entry.name !== 'node_modules') {
-            result.push(...(await collectTsFiles(fullPath)));
-        }
-        else if (entry.isFile() && entry.name.endsWith('.ts')) {
-            result.push(fullPath);
-        }
-    }
-    return result;
-}

package/dist/cloud/server.d.ts DELETED Viewed

@@ -1,21 +0,0 @@
-/**
- * Hosting backend HTTP server.
- *
- * A minimal Node.js HTTP server (no Express) that accepts spec uploads,
- * generates MCP servers, and manages Docker container lifecycles.
- *
- * Endpoints:
- *   POST   /api/servers          — Create a new hosted MCP server
- *   GET    /api/servers          — List servers
- *   GET    /api/servers/:slug    — Get server status
- *   DELETE /api/servers/:slug    — Stop and remove server
- *   PUT    /api/servers/:slug    — Re-deploy with updated spec
- *   GET    /api/servers/:slug/logs — Tail container logs (SSE)
- *   GET    /health               — Health check
- */
-import http from 'node:http';
-/**
- * Start the hosting backend server.
- */
-export declare function startServer(port?: number, domain?: string): Promise<http.Server>;
-export declare function handleRequest(req: http.IncomingMessage, res: http.ServerResponse, domain: string): Promise<void>;