npm - mcpman - Versions diffs - 0.1.1 → 0.3.0 - Mend

mcpman 0.1.1 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/README.md +68 -2
package/dist/chunk-6X6Q6UZC.js +141 -0
package/dist/index.cjs +1769 -356
package/dist/index.js +1479 -308
package/dist/trust-scorer-LYC6KZCD.js +77 -0
package/dist/vault-service-UTZAV6N6.js +29 -0
package/package.json +1 -1

package/dist/trust-scorer-LYC6KZCD.js ADDED Viewed

@@ -0,0 +1,77 @@
+#!/usr/bin/env node
+// src/core/trust-scorer.ts
+var WEIGHT_VULNS = 0.3;
+var WEIGHT_DOWNLOADS = 0.2;
+var WEIGHT_AGE = 0.15;
+var WEIGHT_PUBLISH_FREQ = 0.15;
+var WEIGHT_MAINTAINERS = 0.2;
+function vulnScore(vulns) {
+  let score = 100;
+  for (const v of vulns) {
+    if (v.severity === "critical") score -= 25;
+    else if (v.severity === "high") score -= 15;
+    else if (v.severity === "moderate") score -= 10;
+    else score -= 5;
+  }
+  return Math.max(0, score);
+}
+function downloadScore(weeklyDownloads) {
+  if (weeklyDownloads <= 0) return 0;
+  if (weeklyDownloads >= 1e6) return 100;
+  if (weeklyDownloads >= 1e5) return 80;
+  if (weeklyDownloads >= 1e4) return 60;
+  if (weeklyDownloads >= 1e3) return 40;
+  if (weeklyDownloads >= 100) return 20;
+  return 10;
+}
+function ageScore(packageAge) {
+  if (packageAge <= 0) return 0;
+  if (packageAge >= 730) return 100;
+  if (packageAge >= 365) return 80;
+  if (packageAge >= 180) return 60;
+  if (packageAge >= 30) return 30;
+  return 10;
+}
+function publishScore(lastPublish) {
+  const daysSince = Math.floor((Date.now() - new Date(lastPublish).getTime()) / 864e5);
+  if (daysSince <= 30) return 100;
+  if (daysSince <= 90) return 80;
+  if (daysSince <= 180) return 60;
+  if (daysSince <= 365) return 40;
+  return 20;
+}
+function maintainerScore(count, deprecated) {
+  let score = 0;
+  if (count >= 3) score = 90;
+  else if (count === 2) score = 70;
+  else score = 50;
+  if (!deprecated) score += 10;
+  return Math.min(100, score);
+}
+function toRiskLevel(score) {
+  if (score >= 80) return "LOW";
+  if (score >= 50) return "MEDIUM";
+  if (score >= 20) return "HIGH";
+  return "CRITICAL";
+}
+function computeTrustScore(metadata, vulns) {
+  if (!metadata) {
+    const vScore = vulnScore(vulns);
+    const score2 = Math.round(vScore * WEIGHT_VULNS * 100) / 100;
+    return { score: Math.round(score2), riskLevel: toRiskLevel(score2) };
+  }
+  const scores = {
+    vulns: vulnScore(vulns),
+    downloads: downloadScore(metadata.weeklyDownloads),
+    age: ageScore(metadata.packageAge),
+    publish: publishScore(metadata.lastPublish),
+    maintainers: maintainerScore(metadata.maintainerCount, metadata.deprecated)
+  };
+  const weighted = scores.vulns * WEIGHT_VULNS + scores.downloads * WEIGHT_DOWNLOADS + scores.age * WEIGHT_AGE + scores.publish * WEIGHT_PUBLISH_FREQ + scores.maintainers * WEIGHT_MAINTAINERS;
+  const score = Math.min(100, Math.max(0, Math.round(weighted)));
+  return { score, riskLevel: toRiskLevel(score) };
+}
+export {
+  computeTrustScore
+};

package/dist/vault-service-UTZAV6N6.js ADDED Viewed

@@ -0,0 +1,29 @@
+#!/usr/bin/env node
+import {
+  clearPasswordCache,
+  decrypt,
+  encrypt,
+  getMasterPassword,
+  getSecret,
+  getSecretsForServer,
+  getVaultPath,
+  listSecrets,
+  readVault,
+  removeSecret,
+  setSecret,
+  writeVault
+} from "./chunk-6X6Q6UZC.js";
+export {
+  clearPasswordCache,
+  decrypt,
+  encrypt,
+  getMasterPassword,
+  getSecret,
+  getSecretsForServer,
+  getVaultPath,
+  listSecrets,
+  readVault,
+  removeSecret,
+  setSecret,
+  writeVault
+};

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mcpman",
-  "version": "0.1.1",
+  "version": "0.3.0",
   "description": "The package manager for MCP servers",
   "type": "module",
   "bin": {